I don't know what infrastructure is put in place for these types of major esports events, but it seems to me that if MSG/S397 are trying to use the same ones that are used for the consumer average-Joe versions of the game, it will continue to fail spectacularly as this one did.
First, this needs to be put on dedicated hosted servers from a reputable game hosting company. If I understand correctly, in the middle of the race this server was moved to a completely different system/domain because the IP address for the original server had been compromised. That should never, ever be necessary to do. I have seen screenshots that imply the Steam servers list for rFactor 2 listed the LMVS 24h server along with all of the 'consumer' servers. That should never, ever, happen. That server needs to be hidden from the world. When you connect to iRacing, there is a single URL into the farm, and internally the software will determine the IP addresses but the actual server itself is never exposed, only the path into it. That path is as fully protected as it can be from DDoS type attacks. Now I gather that sim racing makes it difficult for these security systems, because there is a high volume of traffic of small size constantly coming in, which is probably exactly the same in profile to what a DDoS attacker would use. But the best hosting companies know how to address this.
Now, I don't actually believe the server was DDoSed: I think what was happening was lots of people trying to attach to the server as spectators or in some other role. I think the way the standard dedicated_server is written, you can connect to it in various roles as a spectator and race control and suchlike (i.e. not a driver). I also have a suspicion that the actual system responsible for rendering the race visuals attaches as one of these standard role types, because that is just making use of code that already exists. But it's been known to cause troubles for ages. So, I think there is a need for a completely different server component for esports races, that cuts out all of these other roles that have been defined, and instead operates new ones with new code that only the esports events can utilize. That would cover the rendering of the graphics, and also race control functions and also team manager type monitoring functions. So this probably means including new client systems/modules for those roles, as well.
Finally is the code used for the clients (drivers) themselves. Since Steam allows the idea of non-public betas, that's what should be used for all drivers. Regular users should not even be able to get at that code. Thus, the special esport client can also have different code to the regular consumer code. I believe that content (cars, tracks) can be made available only to those on specific betas. This will also mean that regular consumer users can't even connect as spectators to view what is happening because (a) they won't have access to the beta code and (b) their regular content won't be the same as the esports content.
There needs to be significant investment made to the esports-only versions of the systems used for these events. It's the only way to make it work. Those need to be customized solutions and means that regular Joe users can't interfere with them.