Spam login attempts?

Discussion in 'Spigot Help' started by 207306, Feb 5, 2020.

  1. So, Last night someone decided to 'exploit' my server by sending loads of fake login attempts to port 25565. Running spigot seemed to max out my CPU causing everyone to have 1 bar connection and not being able to login.

    I Switched to bungee and the problem sorta fixed itself. My question is, How do you block an attack like this? Here are my bungee logs from the attack.

    https://pastebin.com/raw/aLvufAP5

    Spigot doesn't show any sort of connection being made to the server, Just the CPU going wild.


    Here's the connection graph during the 'attack'
    https://i.gyazo.com/9d34a77e105ff7d2b4982240401b17c6.png


    I've tried using multiple DDoS protection companies to filters this but obviously they don't work.
     
  2. Hi, are you not using any antibot?
    I recommend these plugins
    https://www.spigotmc.org/resources/2ls-exploitfixer-professional-server-antiexploit.62842/

    https://www.spigotmc.org/resources/2ls-antibot-the-ultimate-antibot-plugin.62847/
    https://www.spigotmc.org/resources/⚡-bot-sentry-⚡-the-best-antibot-plugin-stopping-all-type-of-attacks-bungee-spigot-compatible.55924/
    with this you shouldn't have any more problems

    I also recommend changing your bungeecord
    https://www.2l-studios.com/flamecord/
     
  3. I Don't think you can block this attack with Bungee/Plugins, to be honest. There just pinging the server. I'm using everything you suggested : P

    Bungee does help a lot, but sometimes users have to connect 2-3 times. Still have 30 people on lag-free tho.
     
  4. You could increase the amount of netty io threads that get created. Default is 4 I believe. The pings are handled async until a certain point.
     
    • Like Like x 1
    • Agree Agree x 1
  5. Are you totally wrong is the only way to stop these type attacks have you bought bot-sentry?
    what is your discord?
     
  6. Interesting. Have you tried using TCPShield? You might wanna take a look at that.