IPLock
Protect your players! >> have a second login
This plugin allows you to require everyone or just selected players to authenticate their IP with a password set by them. This creates a second layer of security for servers. All data is stored encryptet on the server for maximal security. If someone joins with your name, but not with your IP he will be kicked. This plugin works great to protect admin and staff accounts on offline servers.
Setup
- Copy JAR to your plugins folder
- Edit the settings.yml in IPL folder => everybody:false means that IPLock is not required for everybody... true is self-explaining ;-)
- In case you have a firewall on your server make sure to free port 2004
- Give all users that you want to use IPL the permission node ipl.basic
- Each user with ipl.basic needs to login and use "/ipl register [password]" to make it function for them
- Dowload the updater, link appears ingame when you register
- Once they have registered they open the updater tool and enter the server info, then click start to update the server with their IP
Source
GitHub: volpi3000's sourcePermissions
- ipl.basic - Gives access to register with the server
- ipl.admin - Gives access to manage users
Commands
- /ipl help - Show IPL Help (ipl.basic)
- /ipl register [password] - Register yourself with the server (ipl.basic)
- /ipl unregister [username] - Remove a user from the list (ipl.admin)
Example Config
Upcoming Features
- WebInterface
@volpi3000
You rock! I'll test it ASAP man! (RB 1.1-R6 #1988)
Best regards :)
@ThisUsernameIsMine
New version is waiting for approval :-)
@volpi3000
If you can enter both ip addresses and hostnames there, that's fine by me :-)
@ThisUsernameIsMine
Is it Also possible if we just make a new file called "admin.yml" were you enter all ip that are excluded from iplock ?
@Pandamatak
Local ips is a god idea, i will do that that, but i dont understand
IP:
Associated Players:
So each player is basically "assigned" an IP and they can only log in from their own IP address?//
Please explain yourself :-)
regards volpi3000
@ThisUsernameIsMine
Sure I will implement it in the next days
@ThisUsernameIsMine
Would love to have that feature too ;I
Could you possibly extend this so that you have something like:
IP:
Associated Players:
So each player is basically "assigned" an IP and they can only log in from their own IP address?
Also, as an added bonus you could make it so that all local IPs (192.168...) have permission to access all accounts (for administrative purposes) since you have to be physically near your server for you to have a local connection, which probably means you're the owner.
Hello again :)
Could you make it possible so that we can use wildcards instead of typing multiple lines to protect different names for one hostname??
Example:
(old method) somename:example.host.org someothername:example.host.org
(new method)
Thanks!
Yay ^-^.. Thank You for such a great plugin.
@Mune03
ahhh got it :-) new Version soon
Edit:
changed it and uploaded File :-)
@volpi3000
Hello volpi3000,
Yes I am well aware of the function in this plugin and my server is an offline server too. I am also trying to protect my staff's account with the IPLock feature. However, when I tested out and try to log in their account, the lock does work wonderfully well, but their IP is still shown (in the screenie below 108.x.x.x=72.x.x.x). My wish is that can you not make the IP shown in the connection screen? I'd like to keep it private, so other people won't know my staff's IP when they try to log in their account.
sorry if my explanation wasn't clear before :x
Please have a look at the screenshot: http://i.imgur.com/ZQKhi.png
P.S. And no I did not wrote "I want to protect my admin account by IP?...". That was someone else xD
@Mune03
First Thanks... i will fix this today :-)
Second I think you miss understood the function of this plugin ... The function is that you can only log into you server from your computer (or with your IP) . You need this mostly when you run an offline server .
You already wrote the function "I want to protect my admin account by IP? Is this possible with this plugin?"
regards volpi3000
There's 1 bug and 1 feature i like to request.
1. There's a bug when you use different cap/case letter you can still bypass the IPLock.
2. And, I did use the DNS to connect to the server, but it still show my IP in this screenie. Is there a way to hide it all together? |IPLock login screenshot
@ThisUsernameIsMine
I will definitly do that, it will be in the next version with should be released in the next 3 Days
:-) regards volpi3000
@Pr07o7yp3
Yes it is possible,
DynDNS is a website which gives you free domain like "xxxx.dyndns.org" An Updater on your Computer sends your ip to this domain... so when my plugin ask for your ip it responds with your correct IP.
The reason, whhy you need Dyn DNS (Dyn stands for "Dynamic") is that most cases you dont have static ip whcih means your ip changes about every 12 hours, so my plugin requieres DynDNS because it needs always you actual correct ip
I hop you understan what i mean regards vopi3000
PS: Here are some links you could look at :
http://en.wikipedia.org/wiki/Dynamic_DNS
http://dyn.com/dns/
Lovely plugin! :)
Could you please add support for (local) ip addresses?
Best regards ;)
What is that DynDNS?
I want to protect my admin account by IP? Is this possible with this plugin?
@Mune03
Not that i know, but you don't have to tell anybody your dyndns domain and in most cases your are running a NAT so the IP u see is not YOUR ip it is the ip of your router...
greets :-)
volpi3000
Is there a way to hide your protected IP? Exposing people's IP makes it vulnerable to DDoS attack D: