Server Privacy/Security... (a matter of utmost importance)
i mentioned here before that i am making a bungee server network. i plan for this project to be HUGE. the issue i am addressing at this time is some basic server privacy/security.
it turns out that my servers ip and port are required to connect to the bungee. it’s also required to put the spigot servers in offline mode. this means that if not for bungee, cracked clients can connect to the server.
you know the server list? the one that can be accessed through multicraft panel. from there, my servers and the servers of others can be accessed to display some basic information like server ip and port. the only things needed to connect a server to a bungee instance or to access the server through a cracked client using the name of the server owner. (my servers highlighted in green. other peoples servers highlighted in red).
this makes me feel very uncomfortable. it should be made so that this information cannot be accessed by random people.
does anyone have any ideas on how i can protect my servers against attacks like the ones i described?
I have always been scepticle about this /:
When i have servers that are there to testing purposes that are NOT linked to the actual Bungee Server. I get a bunch of randoms joining. They start breaking stuff. Maybe when you’re afk etc.
It’s possible when you go to your Multicraft Panel you can change “Server Visibility” to “Owner only” under the “Visibility Settings” of your server overview. “User’s with roles only” it makes it so anyone YOU gave access to your server can see it but not random people. “Owner Only” Makes it so that only the person who owns and PAYS for the server can see it. Lastly, “By Default Role” is anyone on the panel who can log in with a username (anyone who is a registered user on the panel)
Don’t forget to save after changing your settings!
i sent in a ticket about it and they let me know of that. they said there was a bug or something that made the permission not work and they fixed it. i don’t know. i can still see the information of other peoples’ servers. i’m going to reply on the ticket to make sure it’s fixed properly.
If we fix that setting, its only for orders going forward (new servers from that point on), we do not really have a way to change all the servers on a panel to a specific view settings without running the risk of changing someones settings who wants them the way they are. Your best bet would be to do what @_xXMAXXx had advised.
I Apologize if our staff had given you information that may have confused you.