Is my 1.20.1 server safe?
Hey!
I think I have setup my Paper server well, but I can't help but feel that hackers or exploiters could swoop in and possibly cause damage or simply cheat.
I use Paper's built-in X-Ray and the GrimAC plugin (which has been known to pick up false alerts imo)
The rest of my plugins are not related to preventing exploits. Any ideas on what I could improve?
20 Replies
Thanks for asking your question!
Make sure to provide as much helpful information as possible such as logs/what you tried and what your exact issue is
Make sure to mark solved when issue is solved!!!
/close
!close
!solved
!answered
Requested by teamkhaleesi#0
Paper Antixray is bypassable to a extend
grimac isnt maintained by the orginal creator anymore so ymmw
Oh, I see. That sucks to hear, is there anything I can do to improve it then?
Make sure you have backups and ways to restore griefs, (coreprotect, logblock, etc), and ways for players to protect themselves. (grief prevention/defender, chest claims, etc)
Hi, I do use core protect and worldguard. So far no griefs have been done yet, but with GrimAC I do see some joining with a forge client, or Lunarclient which is what made me worried for some reason.
Lunar client is nothing harmful
also seeing what clients people use is abseloutely useless.
hacked clients has server/client spoof which makes them show up as vanilla
or whatever they want
yea I figured. I do find the GrimAC plugin useless as it's not done much to be honest. It did pick up alerts from a player, and when the staff team investigated, it was simply the player lagging and having ping issues.
So any other plugins you guys could recommend to keep my server safe from hacks and exploits? I don't find GrimAC useful :/
vulcan is a decent anticheat imo, but you can never be fully secure
its just not possible.
aww that sucks to hear. Alright I suppose it's worth a shot to try the vulcan one, ty ð
imo just worry about the actual content of the server, and figure something out once a grief actually occurs. That would be bad but considering you have never had any exploiters yet, I expect you to be new to the server management community. Just have coreprotect & an anticheat for now and see what griefs/exploits start popping up, then figure out a way to patch them. Having patches for every single exploit in existence from the start might be a little resource-intensive since most plugins that do this work on a packet level
kk ty! ð
Outside of the game, for ur âserver safetyâ more specifically server security, Iâd recommend a containerized panel/server such as pterodactyl. Basically worse case scenario if somehow your server gets infected (realistically should never happen if youâre doing things by the books), but it will only destroy the Minecraft server itself and not the computer/host.
If for some reason you chose to not use a container, (u should still do this even when using a container) then ATLEAST make sure where the server is doesnât have root access to the computer. (Setup a specific user account and only give it perms it needs to run the Minecraft server)
1) Make backups
2) Make backups of the backup (in a different drive / computer )
3) Make backups of the backup of the backup (in a different network)
and the most important thing of all
Make backups
Make backups too
And RAID
If you can
RAID good
what the hell is raid
A RAId is a way to do backups
Not really how I would explain it
I'm out of home ððð
A RAID is storing data using many physical storage units
The thing is that this data is replicated
So if one drive fails, the other will have a copy
RAID IS NOT BACKUPS.
NO IT'S NOT you're correct
Idk why I said that ð
Well it can kind of be used as a backup/file restoring method but using raid for a single Minecraft server is unnecessary, unless you're a hoster
Please stop..
I'm dumbass