IPLock
Protect your players! >> have a second login
This plugin allows you to require everyone or just selected players to authenticate their IP with a password set by them. This creates a second layer of security for servers. All data is stored encryptet on the server for maximal security. If someone joins with your name, but not with your IP he will be kicked. This plugin works great to protect admin and staff accounts on offline servers.
Setup
- Copy JAR to your plugins folder
- Edit the settings.yml in IPL folder => everybody:false means that IPLock is not required for everybody... true is self-explaining ;-)
- In case you have a firewall on your server make sure to free port 2004
- Give all users that you want to use IPL the permission node ipl.basic
- Each user with ipl.basic needs to login and use "/ipl register [password]" to make it function for them
- Dowload the updater, link appears ingame when you register
- Once they have registered they open the updater tool and enter the server info, then click start to update the server with their IP
Source
GitHub: volpi3000's sourcePermissions
- ipl.basic - Gives access to register with the server
- ipl.admin - Gives access to manage users
Commands
- /ipl help - Show IPL Help (ipl.basic)
- /ipl register [password] - Register yourself with the server (ipl.basic)
- /ipl unregister [username] - Remove a user from the list (ipl.admin)
Example Config
Upcoming Features
- WebInterface
I think most of you that are complaining that they can bypass IPLock, have entered they name to the admin.yml. The admin.yml allows to bypass iplock, yet i think there is no need for this feature anymore, i will remove it in the upcoming version
Stay tuned, volpi3000 ;-)
When will you add the new futures? I've been waiting to see if you would add a auto IP and user name when prompted future. Great plugin by the way!
I will update this plugin for 1.4.x in the next days. ty
Hello,
im using 1.4.2 bukkit but for long time i have this error which crashing plugin. I add players fake ip to register, so if theyre dont have that fake ip theyre cant join, but somehow they manage to pass ttrough IPL with this error. Can you please, please fix it???
13:20:26 [SEVERE] Could not pass event PlayerJoinEvent to IPL v1.2.0
org.bukkit.event.EventException
at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:341)
at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:62)
at org.bukkit.plugin.SimplePluginManager.fireEvent(SimplePluginManager.java:477)
at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:462)
at net.minecraft.server.ServerConfigurationManagerAbstract.c(ServerConfigurationManagerAbstract.java:162)
at net.minecraft.server.ServerConfigurationManagerAbstract.a(ServerConfigurationManagerAbstract.java:93)
at net.minecraft.server.NetLoginHandler.d(NetLoginHandler.java:132)
at net.minecraft.server.NetLoginHandler.c(NetLoginHandler.java:45)
at net.minecraft.server.DedicatedServerConnectionThread.a(DedicatedServerConnectionThread.java:44)
at net.minecraft.server.DedicatedServerConnection.b(SourceFile:29)
at net.minecraft.server.MinecraftServer.r(MinecraftServer.java:578)
at net.minecraft.server.DedicatedServer.r(DedicatedServer.java:215)
at net.minecraft.server.MinecraftServer.q(MinecraftServer.java:495)
at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:428)
at net.minecraft.server.ThreadServerApplication.run(SourceFile:818)
Caused by: java.lang.NullPointerException
at de.mc_zone.ipl.IPLock.normalJoin(IPLock.java:144)
at sun.reflect.GeneratedMethodAccessor196.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:616)
at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:339)
... 14 more
is it compatible with CB 1.4.4 ?
i got this error
@onni82
It's not supposed to ask you to set a password or ask for one. It's made to bind an account to an IP and prevent anybody from connecting on that account from any other IP.
@ruben2105
It's currently NOT working on 1.4.4-R0.1 so unless something changes with future bukkit releases this plugin will need to be updated to be viable.
Edit: it is working (at least somewhat), but if you try entering something for a user such as blah.com it will sometimes error and allow them on.
@onni82
Then you dind't install it on the right way cuz it works perfectly here.
This plugin does not work properly.
It doesn't even ask me to do /login or /setpassword, so griefers can log in as me (the server owner) and destroy everything!
@winter4w
same.
@ha11oga11o
Some hacker says he coded it to bypass and I use xauth
@winter4w
Have that issue for some time too, ask what to do with it, and i got suggestion to disable authme. Well i did it and same problem happens.
I hope dev will look at this.
Cheers!
Hay today a hacker got on a staff accout THAT WAS LOCKED so can you please fix the bypassing but
thinking of peoples i[ changing could there be a backup account where you would type a code and it would make it so that accounts ip changed to that? exhample: /ipl add volpi3000 test.server.com or /ipl add volpi3000 127.0.0.1 <backup account> <backup password>
so like this: /ipl add joehot2000 127.0.0.1 joehot200 killer joehot2000 is my account then when my ip changed i would go on joehot200 and type /ipl <player> <pass> (so /ipl joehot2000 killer) and then it would change the ip joehot2000 is locked to to the ip that i am on at the moment. just an idea, but i think it would be an awsome way to get around the problem ;)
if i use dns from no-ip and then my ip changes the noip updates the ip but i still get kicked
When will a new update come out? I could really use the new futures. :) Also could use a speed improvement because sometimes it effects logging in the server.
@RetroCola
Sure, i will implement that in the next Version
Any chance adding premissions that players could protect just them selves? Atm they can protect the who ever they want = Abuse
@Enrux
I will implement colors in the Next Version
@volpi3000
To be honest i dont dare to turn off authme not even for a minute - that will be disaster. Theyre fast like ants. All they think about is how to hack, exploit, take over another account and worst thing they dont have statics IPs.
But i noticed that this is happening sometimes not always. Dont forget that exact same nick is banned (baned_players.txt) and they still can connect to server.
Thanks for this awesome plugin!
message support colors?