Encrypt Client Connection

Discussion in 'Spigot Discussion' started by DanielNaaman, Apr 28, 2017.

Thread Status:
Not open for further replies.
  1. DanielNaaman

    Supporter

    Hello everyone!

    I'd like to know if there's a way to encrypt the connection between the client to the server.

    Thanks in advance!
     
    #1 DanielNaaman, Apr 28, 2017
    Last edited: Aug 26, 2020
  2. Interesting! I'd like to know this too :D
     
    • Friendly Friendly x 1
  3. For that you'll need to control the client
    So basicly impossible.
     
  4. DanielNaaman

    Supporter

    Are you sure? Because I'm almost certain it's possible to connect a player through a VPN service or a proxy service.
     
    #4 DanielNaaman, Apr 29, 2017
    Last edited: Jan 25, 2020
  5. As far as I know, the client is the one who needs to support a connection such as SSL. Minecraft (again, as far as I know) does not support this. You could create a VPN tunnel, but why?
     
  6. DanielNaaman

    Supporter

    I'm providing clients with hosting solutions and many of them want better and secure connection. Some cases are better and some are worse, when a staff member is badly using his priveleges to make DDoS attacks on members. A charge has been arealdy sent to the server couple times for this and they had to pay. Because its a cracked server then its pretty much impossible to blame the staff member because they don't know who he really was. So now there is the question, how do I protect a player's connection?
     
    #6 DanielNaaman, Apr 29, 2017
    Last edited: Jan 25, 2020
  7. Wait, so your staff is ddosing your server members? How is that not their fault?
    If from some weird enough reason you want to hide players IP from your server, first of all, that's a plugin that allows the staff to get the IP's, because the server normally doesn't send other clients IP to clients, and second, by encrypting the player connection you don't really do anything
    Encryption works as the following:
    "Pizza" -> Encryption using a key -> "[email protected]!" -> Decryption Using a key -> "Pizza".
    So by encrypting you really just protecting what they actually did on the server. No thier IP.
    That would cause them to install a third-party solution for encryption, Would cost computing power, bandwidth and memory.

    The easiest solution would be either to vet your staff, or remove the plugin that allows them to view members IP.
     
  8. md_5

    Administrator Developer

    Yeah this thread makes no sense.
    If you don't want staff to ddos players, make sure staff can't view players ips.... or hire better staff
     
    • Agree Agree x 6
    • Funny Funny x 3
  9. That's what I said :p
     
  10. There are mainly 2 ways:
    - Let the players connect through bungeecord
    - Removing staff's access to view ips.
     
Thread Status:
Not open for further replies.