Securing an online-mode=false private server
hihi! I manage an AWS minecraft server and I had an admin question:
The server is private and just 5 friends as of now. A couple others want to join but use cracked clients and cannot afford the official game. I still want to play with them, but online-mode=false comes with obvious security issues.
I want to create some form of auth to allow these friends to play with us anyway, but am unsure of next steps. As far as I can see there are a few paths:
Use Paper or some similar service to use an auth plugin requiring a password for entry (This could be user specific, or the easier route of a server-wide password that I trust my friends to keep private)
The issue: As far as I'm aware Paper, Spigot etc. cause changes in game behaviour to do with with spawn rates and the like. This would be an annoyance, considering our server's reliance on farms. So ideally I'd like to avoid this. If there's some way to allow the disabling of all such changes that would be helpful.
Use the server username whitelist in conjunction with whitelisting my friends' IP addresses on AWS
The issue: We're all university students that move back and forth often. Additionally, our university housing uses a strange WiFi provider that I know has had issues with minecraft servers in the past, so I'm unsure as to how it'd react to the whitelisting. Beyond that, it just seems a pain to add this many IPs.
Is there a specific avenue from the above to pursue, or any better ones I'm yet to consider? Please help, and thanks in advance!
Solution:Jump to solution
Someone on the TMC server that redirected me here mentioned using some combination of Fabric with easyauth+easywhitelist, does this seem like an avenue answering the problems I face?Yes, I would strongly recommend you just follow what they say instead...
25 Replies
The easiest and safest way is to have them buy the game and keep the server in online mode
It appears you're wanting to use the vanilla server right?
!offline
I understand this, the 4 that play with me own and bought the game. The few that can't have extenuating financial circumstances that don't allow them to. I'd appreciate help anyway, but of course as those circumstances change I'd migrate back to online mode.
yeah
(ideally)
I mean the second you turn offline mode on you're going to have issues
And if your friends have dynamic ips it would become a hassle to keep whitelisting different ips
So realistically you won't find much help for that on here, because of piracy + security risks
Also understandable. I know there's no way to 100% kill the risk involved here, I want to strike some balance between 'wanting my friends to play together' and 'server doesn't get homicided'. Some advice as to how that balance can be achieved would be nice.
Someone on the TMC server that redirected me here mentioned using some combination of Fabric with easyauth+easywhitelist, does this seem like an avenue answering the problems I face?
That said, I've seen some of the server history about this specific subset of problem. If this is something that admincraft as policy doesn't want to be helpful about, I fully understand and can mark the question solved.
when you go from offline to online mode you may have some issues since everything tends to save through uuid and online and offline uuids are different
whitelists also dont work while in offline mode so you would have to find a plugin that does support offlinemode to beable to do that
oh, I was unaware of this, could you elaborate please? Specifically what issues could I face transitioning from offline back to online?
I see, I was under the impression that in offline mode it just stringmatched with the whitelist. Disappointing to find it doesn't work, but I guess this answers what that easywhitelist mod's value add is
Player data might not work correctly
velocity with limboauth and keep backend firewalled and vanilla (or fabric idk if that messes w stuff)?
Fabric is a lot more vanilla-like than paper to my knowledge
Fabric has full vanilla parity until you mod it
Been looking this up, as far as I can tell the only material change is player inventories being emptied. Easy enough to just get all my friends to put their stuff in chests prior to the swap, no?
or you can just rename the player data files
The data will work correctly, you just have to edit like two files to update to online UUIDs
Whitelists do work in offline mode, I have no idea what he's saying. You just need an auth plugin
Solution
Someone on the TMC server that redirected me here mentioned using some combination of Fabric with easyauth+easywhitelist, does this seem like an avenue answering the problems I face?Yes, I would strongly recommend you just follow what they say instead
You can probably sense the hostility towards offline mode here already
Okay, I should be able to figure this out, doesn't seem too difficult
Thank you very much, I will follow through witht he easyauth plan then
Alright, good luck
Yeah, but I do get why. Just unfortunate circumstances on our end. Will mark the question solved! Thank you everyone :D
no problem
now thats awkward, you said everyone π
It only lets you mark one message π
Everyone in spirit, I suppose
oh i meant me saying this
i didnt realize at first
ah, lmao, it's all good xD