So basically some idiot started botting my bungee server with a service called 'mcspam.tech' and now it's always crashing because they're botting it 24/7 with 100 connections per second. How could I handle/stop this?
How sad does one’s life have to be to literally pay money to make somebody else’s life miserable? I’d recommend trying out an anti-botting plugin such as AntiBot or Bot-Sentry. I haven’t used one of these myself as I don’t run a BungeeCord network, but hopefully they work for you. Good luck!
AntiBot isn't working and I don't have money to buy a premium plugin. (I already tried a paid plugin that is now removed from spigotmc) EDIT: Some bots get up to 300 CPS (300 connections per second)
Contact the plugin developer and ask if the plugin will work for your situation. If it does work, you’ll be happy you tried it. Your situation sounds pretty serious, so I’d definitely do anything I could about it. Oh, and there’s even an extremely convincing ad for Bot-Sentry! If this doesn’t convince you to buy the plugin, I don’t know what will:
Doesn’t each bot have a different IP address? If there are hundreds of bots, how would you block each IP address manually? I read a little bit about Bot-Sentry, and all it seems to do is add a CAPTCHA so that bots will be blocked but real players can still play. That should work for any type of bot attack. While I haven’t used it myself, it does seem to me like it’d work just fine.
I would assume that they don't have unlimited addresses, as soon as there are duplicates in a short amount of time the script I posted would be able to block them. But you could probably also find a way to block all unknown addresses that do nothing but create a connection to the server. Seeing as spam services often don't actually connect with an account but only open a connection a basic captcha based bot blocking wouldn't work, you'd need to detect that it is a bot way earlier.
Someone who offers a service called "mcspam" will probably not give a damn if anyones server is spammed without permission. That's like opening a stress testing service and expecting all customers to use it purely for educational or permitted purposes.
*someone sends a hitman after you* hitman: hey i’m here to kill u, i was paid a lot for it victim: um why what did i do hitman: i dunno man. i kill first and ask questions later ¯\_(ツ)_/¯ victim: i mean i dont wanna like die or anything hitman: well sucks for u bcuz im like literally about to murder u rn victim: ummm yah but how bout u dont do that pls? hitman: oh ok srry, my bad lol. u should’ve just said that. bye bye. victim: thx man. want some tea?
You need to install fail2ban on your linux server, then follow the instructions in the two paste files. (You have to set the logpath to your's and the failregex to match the connections that are coming in)