Jump to content

Making server more secure


YourFavDev

Recommended Posts

Hello everyone, I think all of you that are playing CL tekkit server are aware of issue with hackers, soo I want to give my idea about the solution for alts. (No need to change server to premium).

Main idea

The main idea is to make server playable only for verified on forum players. What does it mean? It means that players would need to create form on forum if they want to start playing server, and an staff member will gonna need to add that player to whitelist.

How it works?

Let's imagine CarlLS found CL server, he tries to join and is not able to cause it is saying that he is not whitelisted and he needs to go to forum to create request topic,.

He created topic with request, after that an staff member reviewing the topic and decides if allow that player to enter server or no cause of an issue. If staff member gives him approval, then staff member adds him to whitelist, and CarlLS is able to enter server, play and have fun with others.

How it helps?

It helps (Not 100% but atleast somehow will) to prevent ALT profiles and ban evasions, soo after people that are hardly violating rules, will not be able to enter server again in same second as they getting banned.

Why it is better then making server premium only?

As I see, then tekkit server is being player by premium and also non-premiums users, if for example we would make it only premium only, we could loss decent amount of players that are able to play tekkit on CL and loose already existing players, so by this idea you would allow to play for premium and non-premium players when at the same time it is possible to prevent activity in server cause its will be harder for those who want to do ban evasion to get back in server.

 

Please tell what you think about this idea and if you have any suggestion tell them in the comments.

This idea is to prevent people that right now are trying to do harm to server and doing ban evasion.

Link to comment
Share on other sites

8 hours ago, DaBe00593 said:

Actually, other than the obvious flaws to this plan being its up to staffs desecration on who gets to join. A whitelist is impossible because the maintenance uses the servers whitelist function.

It does not have to be for all the time, at least temporary for this period of time, when those people that are crashing server and spawning animals all around map won't get inside server with alt in same minute as they getting banned.
About whitelisting, If I am not wrong (Please fix me if I am wrong, I am not 100% sure about this), then whitelist player list is saved in different file, soo when maintenance is going on they can switch up files with staff only whitelisted.

I know this is not the best idea and have some flaws, and this will not stop/prevent those hackers that are right now, but at least it could slow down them, soo they won't get into server in same second after getting banned.

Link to comment
Share on other sites

 

9 hours ago, DaBe00593 said:

Actually, other than the obvious flaws to this plan being its up to staffs desecration on who gets to join. A whitelist is impossible because the maintenance uses the servers whitelist function.

That's not really the problem, if we wanted to do this we would build a plugin around it rather than actually using the whitelist. Like, you would be similarly like not having /registered or /login'd had you not verified.

 

But it's an interesting idea, and I understand your thought, making it an inconvenience for the one there to do harm, and while for every other player it's a piece of cake, as they already have a forum and can verify instantly.
Well, that's unfortunately not the case, far from all of our players have a forum account so having a system like this would not only cause an inconvenience for the person with ill intent, but also our players. Especially much so if they need to wait for manual confirmation from staff. This would cripple our influx of new players to the server, and that is crucial for a healthy server. 

I like your ide and it's thinking outside the box, but I don't think this is a iteration that we can go with, I'm afraid.

Link to comment
Share on other sites

26 minutes ago, Henk said:

 

That's not really the problem, if we wanted to do this we would build a plugin around it rather than actually using the whitelist. Like, you would be similarly like not having /registered or /login'd had you not verified.

 

But it's an interesting idea, and I understand your thought, making it an inconvenience for the one there to do harm, and while for every other player it's a piece of cake, as they already have a forum and can verify instantly.
Well, that's unfortunately not the case, far from all of our players have a forum account so having a system like this would not only cause an inconvenience for the person with ill intent, but also our players. Especially much so if they need to wait for manual confirmation from staff. This would cripple our influx of new players to the server, and that is crucial for a healthy server. 

I like your ide and it's thinking outside the box, but I don't think this is a iteration that we can go with, I'm afraid.

I understand what you mean, like I said it could be temporary solution till issue with those people that in this period of time are trying to harm server will be fixed.

I understand that it can be issue for new players, but I think that they may understand that this solution is to avoid harm for server so people could play there safely and have fun without being interrupted with server crash and spawning animals.

I think it is better then having new players coming, seeing all this and then leaving, cause I already saw couple new players asking is it all the time like that.

It is not possible to play normally when people are trying to do harm to server and other players, cause having crashes many times + many spawning animals that may cause lag for those players that are playing on low-powered machines is pretty annoying.

Link to comment
Share on other sites

Lag is not the issue here, it's security which currently only provides an inconvenience to genuine players and not the hacker(s). 

Is the hacker using Minecraft accounts or using some smart way to enter the server just using Craftersland login details?

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
×
  • Create New...

Important Information

By using this site you agree to the following Terms of Use, Guidelines and Privacy Policy. We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.