IPWhitelist + Bungeecord Setup Confusion

Discussion in 'BungeeCord Discussion' started by HiiiFishy, Mar 26, 2020.

  1. Hi there,

    I have a server setup as follows: 1 (online) bungee, connected to 2 (offline) spigot servers.

    ***Apologies if this is in the wrong section as I figured this was more bungee oriented although IPWhiteList is a spigot plugin**. I have been having a problem where accounts with no UUID are able to connect despite the bungee being online mode. After some googling I determined that this could be because players are somehow joining outside of the proxy (if there are any other ways this is possible please let me know). I have installed the plugin IPWhitelist to the backends in attempts to resolve this.

    Here is my bungeecord config: https://pastebin.com/1Yi8ZESj

    1. One question I had was: Is there a way to still use forced_hosts option with IPWhitelist? My understanding was that with forced hosts the IP would still have to go to the proxy first, then be re-directed. Maybe I am understanding this incorrectly, if so is there a way to achieve this.

    2. I also saw that my third server defined in the bottom of the log says "online_mode" true. Not sure if this is required for all three / if this is the issue.

    3. Also if someone gets a hold of a 'whitelisted IP ' from an authenticated IP are they going to be able to bypass?

    Help is much appreciated!
     
  2. Update now when I use /server command it will not let me through saying I must go through proxy!
     
  3. Hello, first of all I recommend removing the IPWhitelist plugin
    if you want to avoid hacking or griefing problems basically
    this plugin is insecure and easy to bypass

    if you want real protection the best are the iptables
    https://www.spigotmc.org/wiki/firewall-guide/

    Commands like /server and /send
    I recommend you block and only be able to use them from the console for greater security

    Code (YAML):
    forge_support: false
    connection_throttle_limit
    : 3
    online_mode
    : true
    log_commands
    : false
    listeners
    :
    - max_players
    : 200
      host
    : 0.0.0.0:25565
      tab_size
    : 60
      force_default_server
    : true
      tab_list
    : GLOBAL_PING
      motd
    : '&bServer'
      forced_hosts
    :
        0.0.0.0:25500
    : Lobby
      bind_local_address
    : true
      ping_passthrough
    : false
      query_enabled
    : true
      query_port
    : 25565
      proxy_protocol
    : false
      priorities
    :
     - Lobby
    connection_throttle
    : -1
    log_pings
    : false
    ip_forward
    : true
    network_compression_threshold
    : 256
    There is something I do not understand if your server is in online mode the bungeecord
    Why do you have them in offline mode on the other servers?

    If it is a premium server, I recommend having all the servers in online mode and if it is the opposite, I recommend improving the protection of your server, including the admin account.

    Accountguard
    Exploitfixer
     



  4. Thank you for the reply, I was under the impression that this was the only way to setup bungeecord (bungee online, backends offline). When I turn all of them to online I get: Exception Connecting:QuietException : Server is online mode! Is there a way to resolve this so all of them are online?

    Thank you
     
  5. server.properties
    online-mode=true

    spigot.yml
    bungeecord: true
     
  6. Yep tried this returns: Exception Connecting:QuietException : Server is online mode!
     
  7. Try this
    in bungeecord settings
    online_mode: false
     
  8. Same error: Exception Connecting:QuietException : Server is online mode!
    It is my understanding after reading the BungeeCord setup page that backends are offline and the bungee is online.
     
  9. possibly you have something wrong in your configuration
     
  10. Looks like there is an internal issue.
     
  11. DiscoverSquishy

    Benefactor

    Ehm.. The bungeecord is supposed to stay online and the normal servers connected to it should stay offline.
    Unless there was an update that I wasn’t aware of - then I apologize. But to my knowledge bungee stays online spigot stays offline, in a network setup.