With this features you can block excesses via the spigot door.
You can decide whether or not to enable this features.
# ------------------# Port Bypass Prevention SettingsPort_Bypass_Prevention:# --------- < ? > ---------# If your spigot is on the same machine as the proxy, this feature will not be needed!# This is because you can set the IP of the spigot to 127.0.0.1, # and change it also in the proxy (only the target of the spigot server, if you put this ip in the proxy it will not allow any user to enter).
# The ip 127.0.0.1 is a private ip, it means that it will be read only by the machine.# In this way it will be impossible for everyone to be able to enter through the port,# only the proxy will be able to connect, and let users in.# # If you use the proxy on a machine other than the spigot, the use of this features is recommended to increase your security!
# I also recommend that you block the port and make it accessible only through the proxy, see this guide:# --> https://www.spigotmc.org/wiki/firewall-guide/enabled:false
This features makes sense to activate it if you use the proxy on another machine, than where the spigot server is located.
If it is active, it will broadcast the violation report when it is triggered.
# If it is "true", the login attempt through the port will be sent to the chat.warning:true
With this you can enter in the list the IP addresses in which the player can access within the server. So you have to put the ip of the proxy where the player will connect.
# --------- < ⚠ > ---------# You must enter the IP that you find in the config of your proxy.# If you have set "0.0.0.0" or "127.0.0.1" you have to change them by entering the exact IP of your machine.## If in the proxy you have set the IP of the machine, you will have to enter it in this list!# If you set 0.0.0.0 or 127.0.0.1 it could be bypassable. So this feature would be useless!# Here you have to enter the proxy IP.# This will prevent malicious users from being able to enter via your server port,# but only via the proxy IP.# The default ip in the "10.1.0.5" list is just an example, you have to put the IP of your proxy in it.whitelisted_ips: - '10.1.0.5'
The default ip is just an example! You need to set the one of the machine where the proxy is located.
SAFETY NOTICE! Do not whitelist ip: 0.0.0.0, or 127.0.0.1. Login attempts will be blocked to ensure your safety.
You can decide whether to get kicked if you try to log in from 0.0.0.0 or 127.0.0.1, or not. It defaults to "true" for security, but you can disable it at your own risk.
# If it is active you will not be able to put as IP: 0.0.0.0, or 127.0.0.1.# You will be hunted at the attempt! If you are aware of what you are doing you can turn it off.safety_kicks:true
Here you can set the message that will be shown when the player attempts to enter through the door.
# This is the message that will be shown when a user tries to join via the server port. kick_message: '&6&lBETTER SECURITY\n\n&7You &ccannot &7connect directly via this port.\n&7You have to enter through the ip &bmc.example.net&7.'
You can use "\n" to go to line break.
Here you can set the message that will be shown when the player tries to enter through the door but is already online.
# Additional security system that kicks the player trying to connect if they are already online.already_connected:enabled:true# Message that will be shown during the kick.message:'&6&lBETTER SECURITY\n\n&7You are already inside the server,\n&7you have been &ckicked&7 out!'
You can use "\n" to go to line break.
If your spigot server is on the same machine as the proxy, you can best protect it by doing the following steps:
1) Change your spigot IP address, through the "server.properties" configuration, to 127.0.0.1
But why exactly 127.0.0.1? Because this is a private IP, which will only be read by the machine. This means that no one will be able to enter from outside.
2) Replace it in your proxy as well, for example from the BungeeCord.
If you have done these 2 steps, the port will be blocked, and you will only be able to access the server by entering the proxy. In this way you can also not activate this features! Your server in this case will be 100% secure about the ports.
If you use a proxy on another machine than where the spigot server is located, I recommend that you activate this feature to be safer! And to follow this guide, for more information click HERE.
1) Activate the features, and configure it as explained HERE.
2) Make sure that your proxy, for example the Bungeecord, has the IP of your machine, and not the default 0.0.0.0
3) Enter the IP of your machine on the whitelist, for information click HERE.
