2 Seperate machines (wanne avoid the exploit)

Discussion in 'BungeeCord Help' started by _Glenn13_, May 2, 2017.

  1. hello,

    i have 2 dedicated servers at my house and i wanne open them both... but i cant only use 127.0.0.1 as local ip adress then i need to use the machine ip address means it will open the ports so other people can see it and use the bungeecord exploit to join making on bungeecord using server ip adress and port.. is there anyway u can help me fixing this.. i tried using ipwhitelist but it doesnt work
     
  2. Use onlyProxyJoin
    I had the same problem my network was griefed several times with the reports of staff (People were using cracked to join as staff thru the offline servers)

    Untill i installed this i had no problems after i installed the plugin.
    (You need to install it to every server exept proxy)
     
  3. i used this and it didnt work..
     
  4. Host BungeeCord on the public IP and the Spigot servers on a local IP.
     
  5. JamesJ

    Supporter

    Or you could just use the systems (most likely) built-in firewall, and prevent connections to <YOUR-SPIGOT-IP>:pORT from everything other than your proxy's IP...
     
  6. Just change server-ip to localhost in your server.properties of each spigot server.
    Localhost means you can't access it from somewhere outside the network. So only your bungeecord is in your network and has access to it.
    I used iptables before but changing server-ip to localhost is the easiest option!
     
  7. Localhost means only the machine itself can access it, and not "outside the network". If you want it for the local network only, use a local IP such as 192.168.x.x.
     
    • Agree Agree x 1
  8. that still opens the port.. i tried this when using the 192.168.x.x port you can still enter it
     
  9. It's normal if you can access it from your own network. Did you try to connect from another network?
     
  10. in bungeecord the host is set to 0.0.0.0:25565 how i do that with iptables block all connections i tried doing this but it didnt succes ended up no people allowed to join atall
     
  11. ofc i did ;/ using neighbours. i meant when you use 192.168.x.x for server ip people from outside the network can still enter it using their own bungee avoiding the login servers
     
  12. Well yeah because you're from the same network I assume. Test it using a VPN or proxy or have a friend try it.

    Do you know the difference between 127.0.0.1, 192.168.x.x and 0.0.0.0?
     
  13. kinda, would be awesome if someone tells me what to use to hide them both ;/ because the 127.0.0.1 is hidden ofc because its local but the servers on the second machine arent hidden because of use of 192.168.x.x ip address
     
  14. This is how it would be:

    [​IMG]

    • 0.0.0.0 - will bind itself to the most publicly accessible IP, basicly your external / public IP. The entire internet will be able to connect to this.
    • 192.168.x.x - is your local network. Only machines from the same subnet (your home network in this case?) will be able to connect
    • 127.0.0.1 - only the machine itself can connect to it.
    In the example below I used 192.168.x.x and 127.0.0.1. If your BungeeCord is hosted on the same machine as the Spigot servers, you can use 127.0.0.1. If Spigot and BungeeCord and seperated on different machines, use 192.168.x.x
     
  15. i understand but i have 2 systems and the ports forwarded is this needed or am i doing that wrong because if they use the ip of server adding port behind they can see the server online.... and then adding to a own bungeecord and they got inside with my account thats the issue
     
  16. You really have no idea what you're doing do you? Simply do what I did on the image I drew and only port forward 25565 for BungeeCord.