This is a quick look how we secured our game! ofcourse i cannot go into details
The client and server will be exchanging information on a tcp/ip base. That means every message is send in a packet. Each packet contain certain information, for example all of your movements are send to the server.
Take a look at this picture :)
As you can see both the client as the server encode there packets before sending it on the internet. If you are curious how this is done i made a detailed flowchart for this. below you will see the client sending a packet to the server :
Not only the packets are secured, critical actions as creating / deleting accounts and characters have some heavy security that i dont want anyone to know. Also the database is secured, even if someone can break into it all passwords and ciritcal information are encrypted with a custom made algoritm.
The server doesnt even bother reading bad packets, this prevent a lot of server crashes and cheating. Dont bother about 'packet hacking' because certain security bytes are random changed every minute. Also most things are logged on files by the server.
If things are really getting out of hand endless is already ready for fast IP or IP range blocking. The test resulting in checking 10000 IP range in less then 1 ms. tested on a 700hmz CPU. HD and account ban are also available if needed.