AntiMulti
This is AntiMulti. It is a plugin designed to prevent the use of alternate accounts from the same IP address. To put it simply, a player cannot use multiple accounts on the same IP address and likewise, will not be able to use a ton of IPs.
Download: Download
AntiMulti is a plugin which has undergone multiple changes from its original intent to be a simple plugin to prevent alternate accounts from being used on a server by blocking too many accounts from sharing an IP to a plugin which can also prevent session stealing using this same concept and also supporting admin protection. This is done simply by using an IP system to prevent the unauthorized use of an account by using IPs to prevent session stealing from working in the first place. All of this is completely toggle-able in the configuration file in case one does not use want to use certain features or not.
There are a few things you must understand when using this plugin. This is not a one-hit wonder in that it can stop all alternate accounts, as proxies would be able to get around this system, however common proxies would eventually be blocked after they are used enough. This does its best though to stop a member from simply using 2 accounts to gain an advantage over another player.
There are 2 groups this plugin will understand: Players and Admins. Players are normal players and are not forced to use the protection system as strictly as admins. Players are more loosely held initially by allowing more connections per name and IP, however this can be changed. Admins are more protected to prevent the taking of the account to cause problems by forcing registration and using a smaller range of names and IPs that can those accounts can share. This is all permission based in that there is a perm that designates whether the player is an admin or a player, which is just antimulti.admin, which if given, marks the player as an admin and handles them accordingly.
We do have Metrics with this plugin, so stats will be sent to our mcstats page if you are opt-ed in, where that config is located in the PluginMetrics folder.
If you have any issues, please create a ticket here with the log file and as much information as you can provide so the issue can be investigated and handled. If you have a question, feel free to ask here but please read everything first before you ask since your question may have already been answered elsewhere.
@Lord_Ralex
Nice :D Will commence testing as soon as I wake up but can't do it right now as it's 7am... I really gotta learn to sleep at night lol.
Thanking you. :D
@Lord_Ralex
Sorry for the late reply. Version is 1.9/CB 1.2.3-R0.1.
I was thinking maybe I could ask my dev to kock up a quick plugin to extend the kick time on flying to just buy them enough time to do the command required after logging in. That would solve it, well you'd think so anyway but you never know lol.
If there is anything else you need to know or need a tester, just give me a shout as we are constantly testing our own plugins so one more wont hurt :P and afterall we get to enjoy having it on the server. Win win lol.
Uploaded 1.9.1, just to fix the file issue and the add command. They should be fixed now. The new config has the mySQL login info section, but this is not used yet.
<<reply 581773>>
As for the issue you are having, what version are you using? I did not actually test bug that but it worked in the past…. it might be a bug, although I thought it should have worked though
As for the flying kick before they can register, there is not really much I can do against that AFAIK. You could change allow-flight in the server.properties to be false, but I am not really certain there would be a way to stop that: Correction, I have a possible fix to that, but it will be a bit odd.
As for the password security thing, I actually did not think of that at all. That would actually be a good addition to it. Password length would be easier to set up, but I think having different levels would work too.
And no, I don’t mind the long post at all, I think it is actually better. You explained it, unlike just saying x doesn’t work, end of story. I like writing long things, so I am used to them xD
@Lord_Ralex
Hello again. I found that command just after posting that comment but for some reason it seemed to not work.
Um, you'll probably tell me this is already planned/in next release or something lol but I was thinking if it would be possible to set password strength/length? Just thinking of ways to slow down the people we do not want on our server. People that actually want to play and are not there just to be malicious wouldn't mind even a required high strength password - which again if possible could have a permission node overide allowing any player with that node to use a weaker password for easier/faster login.
Just some ideas anyway as security is a strong issue atm so we're doing a lot of thinking on the server to tighten security to allow our players to play with minimal hassle from the unwanted ones.
Sorry about the long ass post. I hate having to report problems back to devs, makes me feel a bit rude. lol. A plugin dev that works with me can find some peoples feedback rather frustrating but somehow doesn't mind me pointing out a number of bugs or suggesting constant expansions on our own plugins. lol. I always feel I ask too much of the devs of Bukkit but in comparrison to many people I ask very little haha.
Anyway thanks again. :D Hope my feedback helps - if it is bugs I am experiencing and not me just being stupid.
And yeah, I need to actually update the entire site here to get all the new info about it in
@MuttzNutz
I already have such a command.
/am add <name> <ip>
That will allow you to add a name to an IP and vice versa, an IP to a name.
You can still have in the config the maxes be at one, and use the add command here to allow selected people to have 2 IPs.
This is sweet!, just what I was looking for. Is there any chance of adding a couple of functions via commands? One to allow a person with a certain perm node add extra IP addresses to a user name, for example, I play at 2 different locations and so have 2 IP's but on my server I would like it that regular players can only have one registered IP unless they are trusted or apply for more. Also that applies to the players account name too as again I have 3 separate accounts that I connect from the 2 different locations but to limit spammers etc being able to change their account name to simply continue spamming I would like the server limited to one account per IP unless a person with a certain perm node add additional accounts to the IP address. This then also allows players that share an IP, example, family members apply on our forum for an additional account name to be added.
Thanks for reading.
I have 1.10 made, but I am going to hold off on releasing that one. I will release 1.11 which will have the mySQL setup in it, I plan on having it working.
I will also add a few more commands.
UPDATE:
Well, I was just told of a small bug in the plugin, which was my fault basically. I will have this fixed in 1.10, where I plan on having a mySQL option set up as well as having the infinite setting also added.
Also, Essentials does conflict a little in that if a player tries to use the same name, Essentials will kick the player in the game. Going to work on a bug fix for that.
Few answers to your questions (not in order, just answers)
1) I am working on getting mySQL set up with the plugin, but that is proving a bit more difficult since the way this is completely set up, so I am working on getting that completely fixed up.
2) AFAIK, this should actually kick players from logging in if there is another account that is in the server with the same name. I did not really test this theory, but I thought I had it set to kick them. This might be an issue that is related to Minecraft itself, not sure though why it is kicking them beforehand. Did you test this without Essentials?
3) That setting (Max-IP-Per-Names) is designed to restrict players from using a ton of IPs to login, almost designed to help prevent hacked clients from using other player's name from logging in with their name. I am not certain what you were meaning by this, if you wanted to achieve what you wanted, you can just change this to be some exceeding large number. I might add in a trigger that if it is set to 0, it will be infinite (well, infinite in the sense to what Java will allow)
4) As far as I am aware, this is working with the latest builds of Craftbukkit so I do not need to release an update for that.
when essentials is loaded along with this plugin it allows for the player to be kicked when the same player with the same ign
so it will say logged in from another location :|
could you fix the max ips per name if i set above 1
like so
Max-Names-Per-IP: 2
people can get on as much as they can
but over all :D i will donate if you update this plugin i just got a 20 dollar donation ill give it to you if you fix this well maybe 10 :P i don't know well see O_O
@dunem666
this is not true your gut a kid :P is ok we all grow up some day
any updates coming soon?
kinda pointless if the player has another account spare after they just change their IP.
i can change my ip by restarting my router.
@MCJunkie1972
It has features that admins can use to allow such players to connect. I know that is always a possibility, so I added in stuff to let them get by the IP system. It was mainly a counter to the players that have tons of accounts, like the alt database, and can help stop that unless they can get the proxies set up.
I dont see how this would benefit players who live with other players, such as brothers, or roommates. They connect from the same IP/
Against my ideas, I am going to release 1.9.0.
It has a md5 security for the passwords, meaning that they are protected from people, even if they can view the files. I have added the add command back into the plugin, and changed how that will work now.
I have fixed a few issues with the login system, and it should work correctly now.
WHEN YOU UPDATE, DELETE YOUR OLD FILES
@omgitsmit
You would have to edit the plugin.yml file in the jar, but I can make a jar that does not have the login system in it.
@soliddanii
The issue with proxies is that they can be hard to hack quickly. I have not tested this, but to be certain, I would have to say no, because of the way that proxies works to begin with.