IPSecurity
IP Security
IP Security is a very simple, self-explanatory plugin that can save your server from being exploited if your trusted player's accounts become compromised.
If you are interested in trying the dev features (use hostname for ip) please use the dev builds.
In a nutshell, IP Security will allow you to specify a full IP or IP range that a specified user can log in from. If they log in from another IP, their account will be kicked from the server, and can be banned until you have time to investigate the issue, if you so choose.
IP Security will also de-op all players when they log out, if they have op. You can mark a player as an op in the config, and when they log in under the right IP, they will be given op back, which makes sure that cheaters will have no chance to exploit and use op.
Configuration
#If a player is not listed here, they will be able to log in with no check at all. players: #Restrict access for the user "Test" to ip 127.0.0.1 Test: ip: 127.0.0.1 #True if player should be opped once they are verified op: true #Disallow Notch from joining at all Notch: ip: None op: false settings: #True if player should be banned if they fail IP authentication (or are not allowed ban-on-wrong-ip: true #Reason to kick a player if they fail IP authentication (or are not allowed) kick-reason: Nope.
Commands
command | description |
---|---|
/ips help | Show help page |
/ips reload | Reload the config. |
/ips /ips add [user] [ip] [op(true/false)] | Add a user to the config. |
/ips remove [user] | Remove a user from the config. |
All commands require the permission ipsecurity.admin
@aroeira
It DOES allow more than 1 ip by repeating the username again with a different IP in the configuration.
I have a suggestion.
Why not add hostnames (example.com) too?
Its good for peoples with ddns
I changed the ip to a hostname but isn't work.
Server log:
ALERT: ProfLiebstrumpf logged in with ip: 123.456.789.876
But ip: example.com was expected.
@spikefacha:
that's a good point. most peoples have dynamic ip adress.
Found conflict with AuthMe Plugin on login with wrong IP:
[SEVERE] Could not pass event PlayerQuitEvent to AuthMe
org.bukkit.event.EventException
at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:341)
at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:62)
at org.bukkit.plugin.SimplePluginManager.fireEvent(SimplePluginManager.java:477)
at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:462)
at net.minecraft.server.ServerConfigurationManagerAbstract.disconnect(ServerConfigurationManagerAbstract.java:206)
at net.minecraft.server.NetServerHandler.disconnect(NetServerHandler.java:165)
at org.bukkit.craftbukkit.entity.CraftPlayer.kickPlayer(CraftPlayer.java:216)
at net.h31ix.ipsecurity.PlayerListener.error(PlayerListener.java:68)
at net.h31ix.ipsecurity.PlayerListener.onPlayerLogin(PlayerListener.java:35)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:339)
at org.bukkit.plugin.RegisteredListener.callEvent(RegisteredListener.java:62)
at org.bukkit.plugin.SimplePluginManager.fireEvent(SimplePluginManager.java:477)
at org.bukkit.plugin.SimplePluginManager.callEvent(SimplePluginManager.java:462)
at net.minecraft.server.ServerConfigurationManagerAbstract.c(ServerConfigurationManagerAbstract.java:161)
at net.minecraft.server.ServerConfigurationManagerAbstract.a(ServerConfigurationManagerAbstract.java:92)
at net.minecraft.server.NetLoginHandler.d(NetLoginHandler.java:129)
at net.minecraft.server.NetLoginHandler.c(NetLoginHandler.java:42)
at net.minecraft.server.DedicatedServerConnectionThread.a(DedicatedServerConnectionThread.java:44)
at net.minecraft.server.DedicatedServerConnection.b(SourceFile:29)
at net.minecraft.server.MinecraftServer.q(MinecraftServer.java:577)
at net.minecraft.server.DedicatedServer.q(DedicatedServer.java:213)
at net.minecraft.server.MinecraftServer.p(MinecraftServer.java:473)
at net.minecraft.server.MinecraftServer.run(MinecraftServer.java:405)
at net.minecraft.server.ThreadServerApplication.run(SourceFile:539)
Caused by: java.lang.NullPointerException
at org.bukkit.craftbukkit.inventory.CraftInventory.setContents(CraftInventory.java:60)
at uk.org.whoami.authme.listener.AuthMePlayerListener.onPlayerQuit(AuthMePlayerListener.java:439)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.bukkit.plugin.java.JavaPluginLoader$1.execute(JavaPluginLoader.java:339)
... 27 more
Still working :)
please make it accept more than 1 ip.
i added a dns (no-ip) as my ip and i got locked out xDDD did it accept dns?
I have this installed and it's working great.
Only niggling issue I have is that it's banning the usernames instead of the IP, which could be used to cause issues in itself... unless I'm doing something wrong.
Example: Somebody logs in under my username, my account gets banned. The person then quite happily rejoins the server under a different name.. or maybe under another admins name to get them banned too.
Is there any chance of a ipban instead of account bans in a future version?
Case sensitivity is repaired in version 1.1. Confirmed by me. Much thanks to the author for this very useful plugin!
@abcedea
Unfortunately, there are a huge amount of variations on a single name if uppercase/lower case letters can be interchanged :(
add mysql
@wawaamp
There wouldn't be a way do stop that really, I wouldn't imagine this plugin being of much use to you.
Try a login password plugin :)
@bob7l
Add multiple entries for the different variations of your name?
Here is a problem, you can totaly bypass this like so..
bob7l (IP LOCKED)
If you login as.. BoB7l it wont kick the player
Hey could you add an option that the Username and IP-adress will be banned on wrong IP-Log-In, please?
Username-Check we do with the White-List, just wanting Ban the IPs of People who tried to Log-In on my admins' accounts.
riddle me this: i live in a country where all the internet service providers hand out dynamic ip addresses, and in some cases they are not ranged, like, on Tuesday i could have 86.9.201.1 but on Saturday i could end up with 85.4.71.124
how would your plugin react to this? as a lot of my players, even ones from other countries, also have dynamic ip addresses.
in fact, it's safe to say that very few internet service providers have the resources to spit out a static ip address per person.
THANKS I NEED THIS!
SHITHEAD KIDS KEEP LOGGING INTO MY SERVER AS OP NAMES.
@omgitsmit
Anyone? Anyone? Bueller?
Ahhh...so this is how a cracked server I play on doesnt use /register yet i cant login as an admin....
@eXoCraeft
I have the same question, how do i add two completely separate ranged ip addresses to a single user?
Can i make a vid for this plugin
@aed8494:
1/ Oki, thanks, if i've understand your word: i've just notice the red segment 192.168.1. for all adresses IP into this segment, this isn't?! :p
2/ For unban a player: /unban <player> The script ban really player !!! ;-)