Bungee bypass

Discussion in 'BungeeCord Help' started by Rxbotsgamer101, Jul 17, 2018.

  1. Hello! So we experienced a grief to a server due to a bungee bypass, I don't even know how people are bypassing my bungee server, I even have setup IpWhitelist properly and it still happens, But for some reason, They can not connect to my skyblock server, but can bypass straight through to prison?
    All my servers are 1.12.2, Bungeecord is latest aswell!
     
  2. IpWhitelist is bypasseable if the hacker have a good client. Use a Firewall instead...
     
  3. i think you need also enable in spigot.yml bungeecord true
     
  4. Dont change anything, the hacker still join through the servers and not through bungee. He need a firewall...
     
  5. are you sure you have proper;y set up ipwhitelist?
     
  6. Is there anything other then a firewall, I could use?
     
  7. No, if you make another solution, the “hackers” still modify his program to bypass... Is more recommended to block the server ports and change the server-ip on server properties to 127.0.0.1 with this the hacker cant scan your ip i guess
     
  8. Use google, is free. You’re not the only one with this problem. Make a search about this
     
  9. Are we really talking about it? The first things u should do when u create a server are putting the bungee with the host yourServerName:25565 then in the spigot server.properties set the server-ip to 127.0.0.1, nowadays there are too many griefing kiddos... U can configure ipwhitelist too, after u made this
     
  10. No need for crazy plugins. Just enable ip-forward in the bungeecord configuration.
    Works lile a charm for me.
     
  11. That should be enabled by default, i don't think he's so crazy to disable it
     
  12. It's disabled by default
     
  13. Oh, i failed sry
     
  14. Putting 127.0.0.1 as server-ip prevents Bungee attacks like that. Just tested it.
     
  15. Nope, there are ways to get inside even with that, for this reason u have to close ports with iptables or use a plugin
     
  16. ...like what? In my tests the minecraft client errored as if it was a closed port. I do agree that a firewall is best, but..?
     
  17. Who cares what a minecraft client thinks, it's about getting any data through. If the fix was that simple we wouldnt have a wiki page for proper firewalling.
     
  18. I mean that without a minimal firewall coniguration a server is at risk, if you configured iptables to lock some ports you should be safe yet
     
  19. Binding to 127.0.0.1 does not make it listen on any 0.0.0.0: port. You would not even need IPWL then because nobody else than anything on the machine could access the server
     
  20. Yea, i meant to use an ian iptables configuration or ipwhitelist