Davidcubesvk
Davidcubesvk
Download the latest version of the plugin available from the official plugin page on SpigotMC. Put the .jar file into the plugins folder of all your servers (backend and proxy servers) and restart them.
Each player has his data representation called GameProfile. This object
contains data such as the player UUID, or properties. Properties are used
to store skin textures (if the server is in online-mode). These properties
are then forwarded to the backend server by the proxy. On the proxy,
SecuredNetwork inserts a passphrase into these properties. Backend servers
then verify it and if the configured passphrase and the received one equal,
the connection is accepted.
Therefore, the passphrase should be unique and completely random. Open the
console on any of your proxy servers and use command
/sn generate <length>. The length argument
indicates the length of the newly-generated passphrase. It should be greater
than 0 and the longer the new passphrase is, the better.
In fact, there's no upper limit on this value, but don't enter too big, like
1000000000 or so, as it will take longer for slower connections
to login (every character of the passphrase is 1 byte, a length of 1 million
characters is 1MB of traffic). Recommended value is 1000. The
generated passphrase was automatically saved into the config.yml file of
SecuredNetwork.
The command also prompted you to reload to apply the passphrase now. We
will do it later. Now, open the config.yml file of the plugin and copy the
passphrase located under property.value. Then, paste the
passphrase into property.value in all config.yml files of
SecuredNetwork plugin (on all proxy and backend servers). Simply make sure,
that property.value fields equal in all config.yml files. To
apply the passphrase, run /sn reload on all your servers.
This step is completely optional. As properties are identified by
their names and store a value (passphrase is the value), this option is also
configurable in all config.yml files under property.name. If
you want, you can use this as the second passphrase. Just, make sure all
property.name fields in all config.yml files equal and reload
all plugins again.
This step is completely optional. If you want to restrict the players to use only your domain, not the numeric IP, etc., you can, thanks to the IP-whitelisting feature.
Each player connecting with any of these IPs will be allowed to connect,
others will get disconnected during the logging in process. You can
whitelist number-IPs, domains, hostnames and ports. At first, set
enabled: to true in the config.yml file of
SecuredNetwork on the proxy to enable the IP-whitelist feature. Then,
whitelist IPs by adding them to ips list following these
rules:
Whitelisting ports - Easily, just specify the IP and
the wanted port separated with a colon, for example
yourserver.com:25565 will allow players connecting only
with this IP and port. If not specified, SecuredNetwork will obtain and
use the port on which is the proxy server hosted. For example, you have
the proxy server hosted on port 25565 and you have
whitelisted yourserver.com, player connecting with the port
25565 and this domain will be allowed (with
yourserver.com:25565).
Whitelisting hostnames - Hostnames can be
whitelisted easily by adding them in front of the IP, for example
mc.yourserver.com will allow players connecting with
mc.yourserver.com (see the upper point if you'd like to
know how ports work). If you want to allow all hostnames, use
*. wildcard as hostname before the IP; this means
*.yourserver.com will allow players connecting with
abc.yourserver.com, xyz.yourserver.com etc.,
but it will not allow players connecting with
yourserver.com (without any hostname).
For servers with dynamic IP address - If the machine
on which is your proxy server hosted has dynamic IP (it's IP changes
every server restart), just use placeholder {ip} as a
replacement for the machine's IP. As it is just a replacement, you can
specify ports, hostnames, without any problems.
IP comparing prefixes - IPs (the one used by player
and a whitelisted IP) are compared case-sensitively by default. To
change the coparision mode, insert [CASE_SENSITIVE] or
[CASE_INSENSITIVE] prefix before the IP. For example,
[CASE_INSENSITIVE]abc.yourserver.com will also allow
players connecting with aBc.yoUrSerVer.com.
If you have more than one proxy, replicate the process for each of them.
Additionally, don't forget to run /sn reload on all your proxy
servers.
Congratulations, you have finished the setup process of SecuredNetwork plugin.
