This year I came into ownership of a small PVP server and I've had to teach myself a lot of backend stuff as best as I could. We recently got UUID spoofed. I *think* it's where I inadvertently had my lobby's (my main and default server) IP set to 0.0.0.0 in the server.properties file (which I've now changed to 127.0.0.1). I read in the Spigot setup for Bungee that if proxy and server are on the same machine (we ARE using a dedicated server running Debian 9) that just setting our IPs to 127.0.0.1 is enough. It said that if we were on a shared machine that we should use the iptables firewall. Just to be safe I've tried running this command: iptables -I INPUT ! -s 127.0.0.1 -p tcp --dport 25501:25589 -j DROP using both the 127.0.0.1 address as well as our actual server IP, and both prevent me from logging on to the server. I've read some of @PhanaticD entries in the Spigot forums but I'm still not 100% on everything. Do I need to setup iptables? And if so am I doing something wrong with this command? I tried a couple of scripts but they kept having issues with 'Invalid target name' when it came to the DENY or ALLOW or even with the 'bungee' chain name. I am also looking at getting the BungeeGuard (2 part) plugin to help prevent any future issues, does anyone have any input on the effectiveness or need of that? Thanks so much!!