General Discussion - Here is why I don't believe it's a DDOS attack. - Forum

" Kage#1250 wrote: 1- PoE 1 exist for so long, settler league had no rollback server crash issue like this, previous leagues had no server issue like this. 2- This server issue did not existed on PoE 2 first launch. 3- This server issue started at PoE 2 Dawn of the Hunt launch and it was a thing for months. 4- During PoE 2 DotH league, we have never ever see any communication from GGG about the server issue. Forum and reddit was all about rollback server crash issue but absolutely no communication happened. 5- During CohhCarnage and his team interview with Jonathan stream which was aimed to be super casual interview and mostly targeted to developer's life and stuff, Cohh had to ask "whats happening to EU servers" because his chat was bringing up this question all the time. Jonathan casually replied with "Oh that's just ddos attack, that's all. We can't do anything about it and I don't have anymore to say" Afterwards Cohh said "he had to ask because chat is spamming" and he moved on to an another question. 6- I have never seen any developer team not communicate with playerbase during a serious DDOS attack. How he replied was so casual for a server issue that's been happening for months. 7- Now the same issue begun with PoE 1 newest league, suddenly they decided to communicate because this league promises a lot of players including new ones that is coming from first time PoE 2ers. Yet they give you the same excuse, DDOS attack. PoE 2 Dawn league had insane playerbase drop due to league being bad anyways, so they decided to ignore it and hope for servers to be better in the future leagues. Now that's happening again, they are working hard to fix it. 8- First of all, I have seen many game servers getting DDOSED before, yet none of them lasted months like this. 9- If this is a DDOS attack targeted to EU and other servers were fine, why when majority of eu playerbase switches to NA, the NA servers which had no issue before suddenly crashes and rollbacks like EU servers? 10- People who say it's because of RMT; Why this issue never happened during Settler or previous nearby leagues or PoE 2 first launch at all? PoE 1 exist for years, and we all know RMT in this game exist for long time. PoE 2 being first launch ever, you don't need to know how rmt going to be crazy. Yet had no issue like this. I don't think someone targeting the servers because they want to prevent people to progress. 11- This is all the red flags I gathered, feel free to comment and discuss. I do not believe this is ddos attack. I believe it's just a normal server problem that something happened and now they can't fix it for months. Maybe they need new server providers but costs shit ton of money and they don't want to spend that money and rather make us deal with the broken servers. There is something happening in background for sure but DDOS ain't it. There's a lot to address here. first of all, a DDoS attack can last forever. There's no time limit beyond the heat death of the universe, or a solar flare roasting all electronics on earth or and a lot more likely, the person doing it keels over from a heart attack (and in fact that might not even stop it if it's a bot network). If the person doing it is in a country that has poor legislation against doing this, there's not much that can be done legally speaking even though it is in most countries, very illegal. Secondly, it is impossible to safeguard 100%. Any server connected to the internet is at risk of DDoS attacks. This has been a problem for about as long as online gaming has been a thing. Companies far richer and far bigger than GGG has been powerless to stop it in the past. Thirdly, When EU players all go to NA servers, it is not weird that NA servers get problems. A lot of players trying to join the same server at once, is close to what a DDoS attack is. When a server gets loads of packets at once, it can crash. This is why people do DDoS attacks, because it crashes servers. A server doesn't care if the packets and pinging is legit or fake, to the server it's all the same. In a way, EU players unintentionally DDoSed the NA servers. Also, companies are usually not open about DDoS/DoS attacks. In 2024 there were approximately 13 MILLION unique DDoS attacks registered by various cybersecurity agencies (StationX DDoS Statistics). In 2025 Q1 there were 20 million blocked DDoS attempts, that's a near 400% increase from 2024. Have you heard about any of those? Porbably not, so no companies are not open about it and they don't have to, they are victims of a crime. Should they be open about it? I would say yes, but it's entirely up to the company and it is NOT a red flag if they aren't. We also don't know, whether they told us when they found out or if it's been a problem for months and for whateer reason they are only just telling us now, we don't know. Finally, servers have problems for a whole host of reasons. just because PoE2 had problems and PoE1 has problems, does not mean it's the same problem. To users, server problems usually look the same regardless of what the problem is, that is the server is crashing or being slow. Personally, most PoE league launches have had degrees of server issues. This is a problem of expectations, both from GGG and the playerbase. They underestimate the traffic they'll see, consistently and i don't know if you can truelly estimate that correctly, and the playerbase treats GGG like they are made of money and resources. Again far bigger companies, with a lot more resources have had huge issues with DDoS attacks in the past, so logic dictates that GGG probably is not going to be better at mitigating DDoS attacks.	Posted by CptBlackout#6588 on Jun 26, 2025, 10:41:10 AM Quote this Post
" CptBlackout#6588 wrote: Personally, most PoE league launches have had degrees of server issues. This is a problem of expectations, both from GGG and the playerbase. They underestimate the traffic they'll see, consistently and i don't know if you can truelly estimate that correctly, and the playerbase treats GGG like they are made of money and resources. Again far bigger companies, with a lot more resources have had huge issues with DDoS attacks in the past, so logic dictates that GGG probably is not going to be better at mitigating DDoS attacks. Peak was 170k player, did they underestimate that this many players would play poe 1? lmao, i don't think so....	Posted by Strickl3r#3809 on Jun 26, 2025, 11:54:18 AM Quote this Post
" CptBlackout#6588 wrote: server it's all the same. In a way, EU players unintentionally DDoSed the NA servers. That's simply not correct A packet that doing bad request and gets 403 and a packet that triggers heavy calculations are very different. What you have said just means their servers aren't capable of serving legit players playing the game. Which is 100% GGG problem, since those players do not DDoS, they just play. Last edited by Hornsent#1110 on Jun 26, 2025, 12:10:34 PM	Posted by Hornsent#1110 on Jun 26, 2025, 12:09:14 PM Quote this Post
" Hornsent#1110 wrote: " CptBlackout#6588 wrote: server it's all the same. In a way, EU players unintentionally DDoSed the NA servers. That's simply not correct A packet that doing bad request and gets 403 and a packet that triggers heavy calculations are very different. What you have said just means their servers aren't capable of serving legit players playing the game. Which is 100% GGG problem, since those players do not DDoS, they just play. EU servers and NA servers are not the same servers, if the population from one server suddenly moves to the other server, the other server might get problems. I also if you read what i wrote, did not say EU players DDoSed anyone. I did not say it's the same as a DDoS, to clarify because apparently that's what i have to do, in ESSENCE it's SIMILAR to what a DDoS attack does. Overloading a server. If this is not a problem, please explain the existence of server queues. All i want to know is what kind of magic machinery you work with that apparently cannot breakdown ever. I think you should share you secrets with the world and become a billionaire selling it to server providers. Solved the holy grail apparently. Last edited by CptBlackout#6588 on Jun 26, 2025, 1:54:31 PM	Posted by CptBlackout#6588 on Jun 26, 2025, 1:49:30 PM Quote this Post
" VoidWhisperer42#5989 wrote: " Hornsent#1110 wrote: It could only be done from the game client, after the login. There is no way any server, more so game server, allows for "complex computations" without login. It's actually worse for web servers, since sites could be viewed by anyone without login and DDoS can target heavy pages. GGG use Cloduflare for that, though. Game servers should require login, no login means requests are rejected. And having to login means GGG could find those who cause trouble and ban them. You're completely wrong here. A DDoS attack doesn't require being logged in or even using the game client at all. Game servers don’t care if traffic is legit or not, they just receive massive floods of fake packets aimed directly at their IP, overwhelming bandwidth or server resources. This has nothing to do with complex computations or being authenticated. In fact, most DDoS attacks target the network layer or pre-login endpoints, and they're done through botnets or spoofed sources. Banning accounts does nothing when the attacker isn't even logged in to begin with. It's a network-level attack, not a game account issue. There’s really not much that can be done to prevent DDoS attacks entirely. At best, companies can mitigate the impact, but if stopping them was as easy as banning accounts or requiring logins, this wouldn't still be a problem for even the biggest studios today. Every other companies can mitigate a ddos issue under a day, but GGG can't mitigate for months now. If you believe this, I don't have much to say to you. It's clearly a different issue that might require them to spend a lot of money maybe to change server provider which like I said, costs a lot of money for sure. They are probably looking alternative ways to fix this issue with the server provider. This is why its taking so long, if they cannot find a way, 1- they will ignore the issue or try to make it less problematic, 2- they will accept spending money and get a new server provider. This is not a new issue, this is the same issue since poe2 dawn league launched. Even when the game lost all the playerbase, they still had rollback issues. Ain't nobody constantly ddosing the game even when there is almost nobody playing. Last edited by Kage#1250 on Jun 27, 2025, 7:23:18 AM	Posted by Kage#1250 on Jun 27, 2025, 7:23:02 AM Quote this Post
" Kage#1250 wrote: Every other companies can mitigate a ddos issue under a day, but GGG can't mitigate for months now. Very few companies can do that. Game studios or related companies are not amongst those few. It also depends on the intensity and scope of the attack. This isn't one of those issues where you throw money at it and magically solve it. Stop making false claims to feed your narrative. It makes anything you say less credible. Last edited by Crîmnor#4334 on Jun 27, 2025, 9:55:36 AM	Posted by Crîmnor#4334 on Jun 27, 2025, 9:41:05 AM Quote this Post
" Crîmnor#4334 wrote: " Kage#1250 wrote: Every other companies can mitigate a ddos issue under a day, but GGG can't mitigate for months now. Very few companies can do that. Game studios or related companies are not amongst those few. It also depends on the intensity and scope of the attack. This isn't one of those issues where you throw money at it and magically solve it. Stop making false claims to feed your narrative. It makes anything you say less credible. Actually they are not false claims, there are effective services for hire to mitigate DDOS attacks, plenty of web services that I worked on hire them and manage to solve them ina a matter of days, a week or 2 max. This situation is getting more and more frustrating and it seems GGG just doesn't give 2 f's. Pff, who even plays Standard? Last edited by ZarkBit#6794 on Jun 27, 2025, 11:09:26 AM	Posted by ZarkBit#6794 on Jun 27, 2025, 11:08:58 AM Quote this Post
" Kage#1250 wrote: Every other companies can mitigate a ddos issue under a day, but GGG can't mitigate for months now. If you believe this, I don't have much to say to you. Absolutely not true. Even companies far larger than GGG, like Riot, Blizzard, Square Enix, EA, Ubisoft, Microsoft, Sony, heck even Nintendo have all dealt with DDoS attacks that lasted days or even weeks. These aren’t magically resolved in under a day, they’re complex, ongoing threats that impact even the largest and most well-funded companies in the industry. And I don’t need to “believe” you, having played multiple online games over the years, I’ve seen firsthand how common and disruptive DDoS issues are across the board. This isn’t a GGG-exclusive problem by any stretch. Windows 11, 9950X3D, RTX 4090, 96GB DDR5, 14,100 MB/s SSD, 15,360x2160p @240Hz Ultra 4K Gaming & Workspace Powerhouse	Posted by VoidWhisperer42#5989 on Jun 27, 2025, 11:20:26 AM Quote this Post
So as it turns out (according to GGG itself) apparently the server instance crashes were indeed not due to DDoS but due to bugginess by GGG (in their anti-DDoS code): " Server Issues We've been very focused on improving DDoS protection for our servers. Unfortunately, some of the protective measures have blocked legitimate traffic, causing instances to unexpectedly close. We're working closely with our server providers to finish setting up protection and resolve these issues as soon as possible. Source: https://www.pathofexile.com/forum/view-thread/3801391 No wonder it's lost, it's in the middle of the jungle!	Posted by Zrevnur#2026 on Jun 27, 2025, 12:09:34 PM Quote this Post
" ZarkBit#6794 wrote: Actually they are not false claims, there are effective services for hire to mitigate DDOS attacks, plenty of web services that I worked on hire them and manage to solve them ina a matter of days, a week or 2 max. The keyword is mitigate, not solve. Your "web services" being fine after investing into one of the solutions is nice and all but in no way, shape or form indicative of every other network infrastructure there is. " ZarkBit#6794 wrote: This situation is getting more and more frustrating and it seems GGG just doesn't give 2 f's. They literally gave an update. What more do you want? Chris Willson himself coming out of retirement and calling you for an update every other hour? Lmao.	Posted by Crîmnor#4334 on Jun 27, 2025, 12:37:55 PM Quote this Post