AntiMulti
This is AntiMulti. It is a plugin designed to prevent the use of alternate accounts from the same IP address. To put it simply, a player cannot use multiple accounts on the same IP address and likewise, will not be able to use a ton of IPs.
Download: Download
AntiMulti is a plugin which has undergone multiple changes from its original intent to be a simple plugin to prevent alternate accounts from being used on a server by blocking too many accounts from sharing an IP to a plugin which can also prevent session stealing using this same concept and also supporting admin protection. This is done simply by using an IP system to prevent the unauthorized use of an account by using IPs to prevent session stealing from working in the first place. All of this is completely toggle-able in the configuration file in case one does not use want to use certain features or not.
There are a few things you must understand when using this plugin. This is not a one-hit wonder in that it can stop all alternate accounts, as proxies would be able to get around this system, however common proxies would eventually be blocked after they are used enough. This does its best though to stop a member from simply using 2 accounts to gain an advantage over another player.
There are 2 groups this plugin will understand: Players and Admins. Players are normal players and are not forced to use the protection system as strictly as admins. Players are more loosely held initially by allowing more connections per name and IP, however this can be changed. Admins are more protected to prevent the taking of the account to cause problems by forcing registration and using a smaller range of names and IPs that can those accounts can share. This is all permission based in that there is a perm that designates whether the player is an admin or a player, which is just antimulti.admin, which if given, marks the player as an admin and handles them accordingly.
We do have Metrics with this plugin, so stats will be sent to our mcstats page if you are opt-ed in, where that config is located in the PluginMetrics folder.
If you have any issues, please create a ticket here with the log file and as much information as you can provide so the issue can be investigated and handled. If you have a question, feel free to ask here but please read everything first before you ask since your question may have already been answered elsewhere.
@stgram
You can use the add command to add IPs to the system, it should allow you to use more accounts for the IP without compromising the system.
/add <name> <ip>
Please set a config so we can use maybe 2 or 3 but not 10 or 20 accounts from one ip! The problem: I am a moderator in a server, I have a user acc, AND my brother plays too. We have your plugin so that we can block spam bots from the USA, but now half of the users cant join. -.- Help is appreciated.
Well, forgot to actually add a few of the functions that I was suppose to have in the first place XD I added them back, and also a notifier to tell you if there is an update
I have Beta AntiMulti 2.0 ready for release. It seems to hold steady with no bugs, but it is missing a bunch of what was in the 1.x builds. IMPORTANT: DELETE YOUR OLD FILES! THERE IS NO SIMILARITIES SO ANY EXISTING FILES CAN CAUSE ISSUES
Okay, I am having a ton of issues getting a clean re-write that has everything added to it.
I am going to scrap a few things from the 2.0 build for now and use a different system to get this all set up.
Things that will go: - Password logins Replacement: - IP login system, aka just use your IP as the password
This Plugin is amazing, i have been looking for one which does this for ages! Many thanks.
@levisn1
Your comment makes no sense. Could you explain that?
In proprieties i have set offline mode on true...deleted all files in the three folders and gave to my default group the permission antimulti.login but anyone can login....[AntiMulti] Login Failed..i use authme last version..even in cfg i set Login on true or false is the same..anyone can login..
@DreamPhreak1
Alright, yes, each part of the plugin can be toggled, so the IP checking system, the whitelist, and the 2 login systems can be toggled on or off, but only the whitelist one can be done ingame.
I have a few tests going on with 2.0.0 and a few issues have been found. Working on getting it resolved to get it released as I contemplate a name change.
@Lord_Ralex
Actually, you answered it indirectly with #1 and #4; Was basically asking if i could solely rely on the white-list over anything else (the login system) to do the job.
Thanks, and I look forward to the 2.0.0 version! :)
@DreamPhreak1
Very long comment, however I can answer them
1) The whitelist, essense, yes, if you give the group the permission, they can join the server when the whitelist is activated by this plugin. This will not affect the vanilla whitelist, and will let the vanilla whitelist have the final say if it is enabled.
2) I have already been working on that with 2.0.0, so that will be to come. I am supporting SuperPerms and Vault, so most permission plugins will work.
3) Yes, names and IPs can be added manually, and a password can be set as well during that time. This can be done thru the game and thru the files.
4) I have a toggle in the config that will let you use the login system. As it stands there are 2 phases of this. The lower phase is just an admin-only login system where only those that the force register permission need to login, which is a good defense against the MinM attacks that have been popping up now and will not affect your regular members. The upper phase forces everyone to register and login.
4) Your very last thing about the theory is a bit confusing the way you worked it. Could you give a better explanation, maybe a senario?
So im trying to understand what exactly this plugin would do by just reading the features; If i am correct, if i added multiple groups to the whitelist, any group that ISNT on the whitelist WILL be affected by this plugin?
Also, instead of only supporting PEX, perhaps if you modified the code to work with Vault (http://dev.bukkit.org/server-mods/vault/), you would be able to support all (or most?) of the permissions systems listed on the vault page, like my servers all use Essentials, and i would really like to see how that Whitelist feature works.
Another thing though, by reading one of your comments below, is that you can add names and/or ips to the list manually? If so, ok i like it.
And one last thing that is just me wondering: Is it possible to somehow have the login system disabled? Ive been to other servers that DO have a login system, and i really dislike that idea of having to login, especially when your base is under attack and you dont have time to be filling out forms! The theoretical way to do this for me would be to add groups to the whitelist (my groups would be the 3 vip ranks, 2 moderator ranks, and the admin rank), so they wont be blocked at all, and then having the default rank un-whitelisted so they are logged and monitored. ((Login System "On" by default, but able to turn "Off" in the config?))
Thanks for reading! Ill subscribe to be notified of new comments and updates. :)
@nivpro312
It saves all the IPs that they have used, and all the names that the IP has have connected.
its save the last login ip?
Development of the 2.0.0 has slowed while my computer kills itself. My Win 7 OS is killing itself and the Ubuntu os I have set up is not entirely to work well.
@ReconDR23
Yeah, I have decided that I might as well keep my system in place, but do a lot of changes to have it be optional, and to allow support for xAuth and AuthMe.
I would rather you keep the login because i want to be able to secure Ops accounts and have Ip locks on all accounts, xAuth and authme don't allow this. they only allow ip lock and password
After a bit of work. I now have the dev link back up and running again. It will be buggy, and might have issues. Once I have tested it and am happy with it, I will get it fully released.
Few things, the mySQL is not working in it, this is due to the way I am dealing with it. I will update the pages here with the new info.
After a bit of thinking, I might look into removing my login system, but hooking into xAuth or AuthMe and use those for logins. I might see if I can set up what I have mine doing with those, as they are more developed and are better than what I have.
@colgatiN
Which link? The dev link is down atm while i get the latest version fixed for testing