- Native Minecraft Version:
- Tested Minecraft Versions:
Denies entry to people who use VPN, unless they are put on a whitelist.
This plugin requires a mysql/mariadb database.
This plugin does not log the IP's used by the user. It only keeps in the database the UUID of the user and who whitelisted the user and when.
Whitelisting cannot be done from terminal. Mostly because I considered that scenario too late, and didn't feel like rewriting the entire whitelisting chain for that use case.
Creating a mysql/mariadb database on linux or the windows linux subsystem
Enter the database name, username and password in the plugin config.Code (Text):sudo su root
mysql -u root
CREATE DATABASE `<your_database_name_here>`;
CREATE USER '<your_username_here>'@'localhost'
IDENTIFIED BY '<your_database_password_here>';
GRANT SELECT, INSERT, UPDATE, DELETE, CREATE, INDEX, DROP, ALTER, CREATE TEMPORARY TABLES, LOCK TABLES
/vpncontrol whitelist add <playername> - Adds a player to the whitelist for people who are allowed to use a vpn
/vpncontrol whitelist remove <playername> - Removes a player from the whitelist
/vpncontrol whitelist status <playername> - Gets the status of a player on the whitelist
/vpncontrol refresh - Deletes all whitelist entries in the database, loads new from github.
Java and mysql
It may be that there is no mysql connector installed for java on your server host.
If this is the case when you try to load the server with the plugin installed you'll get an error like this:
Example of error messageCode (Text):Caused by java.lang.RuntimeException: Can't load resource bundle due to underlying exception java.util.MissingResourceException: Can't find bundle for base name com.mysql.cj.LocalizeErrorMessages, locale
To install it ssh into your server and execute the command
Should this not work, giving a message *"Unable to locate package libmariadb-java"*, like on some debian buster servers, download libmaria-db from a server here: https://packages.debian.org/buster/all/libmariadb-java/downloadCode (Text):sudo apt-get install libmariadb-java
Upload it to your server and run
ConfigurationCode (Text):sudo dpkg -i libmaria*.deb && sudo apt-get -f install
When the plugin first starts it will write a plugin file to server_path/plugins/VpnControl/config.yaml
mysql-host The IP adress of your mysql server. Usually this will be localhost. But if you have a dedicated mysql server enter it's IP here. Usually you don't need to change this.Code (Text):
blocked-message: You haven't registered as a VPN user with this server. Register as
user at https://www.example.com
notify-message: <player> has joined via VPN.
mysql-port The port on which your mysql server listens to connections. Usually this is 3306.
mysql-database The name of your database. This is what you entered after [code single]CREATE TABLE[/code] if you used the commands above for setting up a database.
mysql-username The username of the user that can access your database. DO NOT USE ROOT! please create a dedicated user with [code single]CREATE USER [/code]. Using root is bad, m'kay?
mysql-password The password for the above user. Always use a password.
blocked-message The message you want to show when a user joins that uses vpn and isn't whitelisted. It's recommended to add a website/discord url where they can register.
notify-message People that have the vpncontrol.notify permission will get this message when a whitelisted user using VPN joins. Use <player> where the username of the player that joined should go.
There are 3 permissions in this plugin
vpncontrol.whitelist Allow users with this permission to add and remove users from the vpn control whitelist
vpncontrol.refresh Allow users with this permission to refresh the IP list of vpns
vpncontrol.notify Users with this permission get a message when people using vpn join
The list of vpn's used is pulled from https://github.com/tschallacka/VPNs.
Should a vpn user connect, that isn't on this list, please create an issue with the offending IP and I'll research it and merge it and other IP's of that provider I can find into the list.
This plugin does not automatically check yet for an update of the IP list. The command /vpncontrol refresh is currently the only way to refresh that list. Don't run this every day. It most likely won't be updated every day as IPV4 adresses are limited. Future versions will contain an automatic check.
Refreshing IP's takes about 30 seconds on a moderate server. It will take longer when I implement IPV6 support.
This plugin currently only checks for IPV4 connections and not IPV6. If you server is setup to listen on an ipv6 port, this plugin will not stop vpn connections from there yet. It might in a future version if I come back to it.