Source PlayCMS is a website management system for Lineage 2 gaming

[FunBasec]

 

PlayCMS - это удобная система управления веб-сайтом, разработанная специально для игровых проектов Lineage 2. CMS позволяет быстро запустить полнофункциональный серверный сайт с регистрацией игроков, личным кабинетом, новостями, рейтингами, магазином, модулями и гибкой панелью администратора.

Система ориентирована на владельцев серверов Lineage 2, которым нужен красивый, функциональный и понятный сайт без лишних сложностей.  PlayCMS уже предоставляет базовые функции для управления проектами, такие как публикация новостей, настройка страниц, работа с пользователями, подключение шаблонов, а также установка модулей и плагинов.

Ключевые особенности PlayCMS:
— удобная административная панель;
— регистрация и авторизация игроков;
— учетная запись пользователя;
— новостные и информационные страницы;
— рейтинги игроков и кланов;
— поддержка шаблонов дизайна;
— установка модулей и плагинов через административную панель;
— магазин цифровых продуктов;
— категории продуктов;
— возможность добавить фавикон;
— защита лицензии для административной панели;
— адаптация для игровых проектов Lineage 2;
— возможность расширения функционала в соответствии с потребностями сервера.

PlayCMS подходит как для новых игровых проектов, так и для существующих серверов, которым нужен удобный сайт с современным дизайном и интуитивно понятным управлением.

Система проста в настройке и поддерживает индивидуальные шаблоны, дополнительные плагины и модули, что позволяет вам развивать свой сайт параллельно с развитием сервера.

PlayCMS — это готовое решение для владельцев серверов Lineage 2, которым нужен красивый, быстрый и функциональный сайт.

Демоверсия —  https://demo.playcms.ru/

Я разработчик этого чуда. Я готов выслушать конструктивную критику, а также ваши предложения по улучшению движка.
Кроме того, я пишу модули любой сложности для этой CMS.

Свяжитесь со мной:
Telegram — @playcms

 

 

 

EN

 

PlayCMS is a user-friendly website management system designed specifically for Lineage 2 gaming projects. The CMS allows you to quickly launch a fully functional server website with player registration, personal account, news, ratings, a store, modules, and a flexible admin panel.

The system is focused on Lineage 2 server owners who need a beautiful, functional, and clear website without unnecessary complexity. PlayCMS already provides basic features for project management, such as publishing news, customizing pages, working with users, connecting templates, and installing modules and plugins.

Key Features of PlayCMS:
— a convenient administrative panel;
— player registration and authorization;
— user account;
— news and information pages;
— player and clan ratings;
— support for design templates;
— installation of modules and plugins through the admin panel;
— digital product store;
— product categories;
— ability to add a favicon;
— license protection for the admin panel;
— adaptation for Lineage 2 game projects;
— the ability to expand functionality to meet the needs of the server.

PlayCMS is suitable for both new gaming projects and existing servers that require a user-friendly website with a modern appearance and intuitive management.

The system is easy to configure and supports individual templates, additional plugins, and modules, allowing you to develop your website alongside your server.

PlayCMS is a ready-made solution for Lineage 2 server owners who need a beautiful, fast, and functional website.

Demo - https://demo.playcms.ru/

I am the developer of this miracle. I am ready to listen to constructive criticism, as well as your suggestions for improving the engine.
I also write modules of any complexity for this cms.

Contact me:
Telegram - @playcms

 

Скачать\Download :

https://drive.google.com/file/d/15Az9WVDD4SQNyOPAsXMU4-mGHOiA_U_d/view

 

 

Added a new module "Wheel of Fortune" to the demo version.

 PlayCMS Fortune Wheel - module "Wheel of Fortune" for Play CMS

Purpose:
- adds a Lineage 2-style wheel of fortune to the user's personal account;
- displays in the personal account on top of the balance and warehouse block;
- supports prizes: Adena, Coin of Luck, premium account, common items, empty slots;
- before submitting the form, shows the animation of the wheel spinning;
- if there are no attempts, it displays the "No attempts" modal window;
- the won gift is automatically added to the user's inventory;
- adds a separate "Wheel of Fortune" section to the admin panel;
- in the admin panel, you can edit slots, Item ID, quantity, drop chance, attempts, and the price of purchasing attempts using your balance.

[Splicho]

XD

[FunBasec]

Added the protection module to the demo.

 

DDoS Guard Pro v2.0 is a system protection module for PlayMMO CMS designed to reduce the load on the website during HTTP floods, bot activity, suspicious frequent requests, and attacks on individual pages or API methods.

Unlike simple global limiters, DDoS Guard Pro v2.0 supports flexible rules based on routes and HTTP methods. This allows you to block the entire site in a targeted manner, rather than blocking the entire site equally. You can set up protection for specific areas of the site, such as login, registration, APIs, administration, forms, and other sensitive areas.

What is the purpose of the module?
DDoS Guard Pro v2.0 helps protect your site from basic L7 attacks at the HTTP request level.

The module is useful when your site receives:

frequent requests from a single IP address;
HTTP page floods;
login or registration form flooding;
automatic requests from bots;
URL scanning;
frequent API requests;
suspicious activity spikes;
load on individual CMS methods or pages.
The module helps to reduce the load on PHP and CMS by limiting suspicious activity before it starts to create a serious load on the site.

Main features
Per-route and per-method Rate Limit
In the new version, protection is configured not only globally, but also according to specific rules.

You can set limits separately for:

GET;
POST;
PUT;
PATCH;
DELETE;
ALL.
This allows you to flexibly protect different parts of your website.

For example:

for the login page, you can set a strict limit;
for registration, you can set a separate limit;
for the API, you can set a limit for reading and a limit for changing data;
for regular website pages, you can set a soft limit or not set a limit at all.
This approach reduces the risk of accidentally blocking regular users and makes the protection more accurate.

Flexible rule system
The module supports setting rules in the following format:

METHODS|PATTERN|LIMIT|WINDOW|BURST_LIMIT|BURST_WINDOW|BLOCK_SECONDS|IDENTITY|NAME

Example of rules:

POST|*login*|10|60|5|10|600|ip|login_post

POST|*register*|8|60|4|10|600|ip|register_post

GET|*api*|300|60|80|10|120|ip|api_get

PUT,PATCH,DELETE|*api*|80|60|20|10|300|ip|api_write

This allows you to specify exactly:

which HTTP methods to protect;
which URLs or URL patterns to consider;
how many requests are allowed;
over what time period;
what burst limit to use;
 how many seconds to block the offender;
 by which ID to count the limit;
 what the rule is called.
Burst protection against sharp spikes
 In addition to the regular request limit, the module monitors sharp spikes of activity.

 This is useful when a bot makes many requests in a few seconds. In this case, the protection can be activated faster, without waiting for the overall limit per minute.

 Burst protection is especially useful for:

authorization pages;
registration;
API;
search;
data submission forms;
administrative sections.
Support for different types of requests
DDoS Guard Pro v2.0 works not only with POST requests.

The module can control:

GET — regular pages, API requests, search;
POST — forms, login, registration, data submission;
PUT — updating data via API;
PATCH — partial data update;
DELETE — data deletion;
ALL — all methods at once.
This makes the module suitable not only for regular sites, but also for CMS with API, personal accounts, game panels and administrative actions.

Limit storage: Redis, APCu and file fallback
In the new version, the module supports several options for storing temporary data.

Available modes:

Redis;
APCu;
file fallback.
The auto mode tries to use the most suitable option:

Redis;
APCu;
file storage as a fallback.
Redis or APCu are suitable for more efficient operation, while the file storage is left as a fallback option for simple hosting environments that do not have additional extensions.

JSONL logging
The module records protection events in JSON Lines format.

Logs are saved in the following file:

storage/logs/ddos_guard.jsonl

This format is more convenient than a regular text log, because each event is stored as a separate JSON record.

The logs can record the following information:

event time;
IP address;
HTTP method;
URL;
name of the triggered rule;
reason for blocking;
number of requests;
action status;
user-agent;
protection mode.
The JSONL format is convenient for analysis by external tools, log agents, and monitoring systems.

Prometheus metrics
DDoS Guard Pro v2.0 adds an endpoint for receiving metrics in Prometheus format.

Endpoint:

/?ddos_guard_metrics=TOKEN

The token is set in the module settings.

Metrics allow you to track:

the number of processed requests;
the number of rule activations;
the number of blocks;
activity by limits;
protection events;
module status.
This allows you to connect monitoring and configure alerts so that the administrator can see when suspicious activity starts on the site.

LOG ONLY mode
The module has a LOG ONLY mode.

In this mode, DDoS Guard Pro does not block users, but only records events and potential triggers in the log.

This mode is recommended to be used after installation, in order to first see which rules are triggered, and only then to enable the real blocking.

 This helps to avoid too strict limits and random blocking of regular users.

 Support for Cloudflare and proxy
 The module supports working behind Cloudflare or another reverse proxy.

 With proper configuration, it is possible to take into account the real IP of the user, and not the IP of the proxy server.

 This is important for sites that use:

 Cloudflare;
nginx reverse proxy;
load balancers;
CDN;
hosting proxy protection.
Nginx-recommendations
DDoS Guard Pro v2.0 contains an example nginx-config:

modules/ddos_guard/nginx-ddos-guard-example.conf

This allows you to use the module as an additional application layer of protection, and to move the main coarse limits to the nginx level.

Recommended protection scheme:

Cloudflare / nginx / firewall → DDoS Guard Pro → PlayMMO CMS

This approach is more correct than trying to solve all problems only at the PHP level.

[Seamless]

So you developed a rate limiter with extra steps on the application layer ? Do you know that http is on top of tcp and someone can exhaust your resources before even reach your app ? Thus whatever limit/rule you set is a bit obsolete and creates complexity for your app. Also the order is cloudflare/   os firewall / nginx /  php 

Edited Sunday at 08:59 PM by Seamless