Bungeecord security issue (!!)

Discussion in 'BungeeCord Help' started by olesien, Jul 15, 2018.

  1. Okay so we are using ubuntu on an OVH server to host, as far as I know, you NEED to have all the servers set to offline mode in order for bungeecord to work properly (and of course bungeecord set to online mode). as long as everyone tries to connect via the normal 25565 port, everything works just fine with security. However.. One thing that we have had happen multiple times even though we haven't even opened yet, is that people somehow login through our accounts as cracked versions (no we have not had our accounts compromised.. as far as we know atleast). We suspect that they use a cheat client such as Wurst to login with for example my name ("Olesien"), without a password which that client does allow (making a "cracked" account). For a normal server this is not an issue since they are online mode (making it impossible for them to connect), however this is not the case now.

    You see, even though you can't just connect to the individual ports like say 25564, because Bungeecord is set to true in spigot.yml, you can connect to those ports if you make your own bungeecord server (only bungee) and set the ip and ports to the servers. If you also disable offline mode at that in the config file (bungee), you can connect with cracked accounts... What is the best solution to prevent this?

    I have also noticed that for some reason, the individual servers don't change their motd according to the bungeecord config, but their own properties.yml's... and even though I do enable Ip Forwarding in bungeecord, it still won't let me inside of the servers directly (saying the same thing as before: enable it in your Bungeecord config).

    Does anyone know how to fix all of these? We use docker on the server, however even when I transfer and setup all of the servers on my computer the same issues remain, so it might not be docker.

    thanks,
    olesien
     
  2. download ip whitelist so they can only connect through your bungee proxy: if you do not know the ip for the proxy just type /ipwl setup in each server and join
     
  3. Thank you very much! ;) Is there however any way to make the servers kind of.. take notice of bungeecord and make that port connect through bungeecord instead of all outputting an error?
     
  4. No, you would always have to connect through bungeecord. If you want them to connect to a server directly, you could setup something like factions.myserver.com to go directly to the factions server, although i have never done this
     
  5. If you do this, you don't need Bungee Cord ;)
     
  6. not necessarily, if you wanted more than one server, you would connect via bungee, however some players like to be automaticly connected to their server, e.g. factions if there using minechat or something.
     
    • Agree Agree x 1
  7. You should use forced hosts on bungeecord to connect to a specific server.
     
    • Winner Winner x 1