Starting Public Server

The title says about half of what I'm asking here. I am looking to start a Minecraft server that is going to be open to the public, I have dealt with larger private servers before so I am not too worried about traffic volume, but I am more worried about cheats, exploits, attacks, etc. I'm sure you all know what I'm talking about. does anyone have any advice for how to combat some of this.

Currently I know/think:

Use a reverse proxy
I am looking at FlameCord for added security, as well as ExploitFixer by the same dev (both paid)
I am thinking of using a discord server as a proxy between being invited to and then whitelisted on the server (i.e. you have to be in the discord to get whitelisted on the minecraft server.

Does anyone have any further advice that is different from what I've listed above. If anything I said doesn't make sense please tell me why I'm wrong, I want to do this the right way.

Thanks in advance

TLDR: I need advice on how to keep my public minecraft server network secure.

Solution

They "protect" against ddos by dropping bot ips with iptables, it really only lowers a bit the load on the cpu, if you get a 2gbps flood and your connection is 1gbps theres nothing it can do.

Still id take velocity + limbofilter or at least xCord/NullCordX over flamecord if you care about security

Jump to solution

TheGoatlerOP•2/17/25, 12:15 AM

Oh also if it wasn't clear before, feel free to talk me out of doing this too, but I feel like it isn't that unreasonable. Also if you could ping me when you respond that'd be great!

Cubicake•2/17/25, 12:37 AM

Why use flamecord?

Tamz•2/17/25, 12:37 AM

Cubicake•2/17/25, 12:37 AM

Velocity is the best option for proxy software and it's free

TheGoatlerOP•2/17/25, 12:44 AM

I'm currently using velocity. are there not any benefits to flamecord?

TTheGoatler I'm currently using velocity. are there not any benefits to flamecord?

Tamz•2/17/25, 12:44 AM

not really from what people might answer you

TheGoatlerOP•2/17/25, 12:45 AM

Ok, they claim it can protect you from certain network attacks, is this untrue or is it also something velocity can do?

Tamz•2/17/25, 12:45 AM

how would they block you from network attacks?
they arent a ddos protection service

TheGoatlerOP•2/17/25, 12:45 AM

it says they are on their website?

TheGoatlerOP•2/17/25, 12:47 AM

TheGoatlerOP•2/17/25, 12:47 AM

are they just straight up lying?

Tamz•2/17/25, 12:47 AM

thats a Bold claim

TTheGoatler are they just straight up lying?

Tamz•2/17/25, 12:47 AM

most likely

Tamz•2/17/25, 12:47 AM

i wouldnt say best

Tamz•2/17/25, 12:47 AM

its Something if they do anything at all

TheGoatlerOP•2/17/25, 12:47 AM

I'm not asking about that

TheGoatlerOP•2/17/25, 12:47 AM

I'm asking about the part at the end where it says they protect against ddos

TheGoatlerOP•2/17/25, 12:47 AM

obvoisly best is always bold

TheGoatlerOP•2/17/25, 12:48 AM

I'm happy to stick with velocity, just trying to understand how it works tbh

Tamz•2/17/25, 12:48 AM

yeah no they wouldnt be able to protect against DDOS attacks

Tamz•2/17/25, 12:48 AM

thats something you need an actual service like tcp shield or neoprotect

Tamz•2/17/25, 12:48 AM

:SCbruh:

TheGoatlerOP•2/17/25, 12:49 AM

gotcha

TheGoatlerOP•2/17/25, 12:50 AM

do you recommend either of those in particular

TTheGoatler do you recommend either of those in particular

Tamz•2/17/25, 12:50 AM

either of?

Tamz•2/17/25, 12:50 AM

oh ddos prots

Tamz•2/17/25, 12:50 AM

well depends tbf
if you get a host that alr does ddos protection for you, its fine to not get any

TheGoatlerOP•2/17/25, 12:51 AM

I was gonna... self host... is this a bad idea?

TTheGoatler I was gonna... self host... is this a bad idea?

Tamz•2/17/25, 12:51 AM

uhhhhh

Tamz•2/17/25, 12:52 AM

depends how good ur hardware is

TheGoatlerOP•2/17/25, 12:52 AM

my hardware is fine for my application

Tamz•2/17/25, 12:52 AM

what is it?

TheGoatlerOP•2/17/25, 12:52 AM

im purely concerned with security

TTamz what is it?

Tamz•2/17/25, 12:52 AM

^ tell specs then we can go from there

Tamz•2/17/25, 12:52 AM

there is a certain threshold for a Decent self host vs would be better to buy a host host

TheGoatlerOP•2/17/25, 12:53 AM

I'm not personally willing to pay any money for a host, my hardware has proven to be sufficient, I have a i9-10850k with 80GB RAM

Tamz•2/17/25, 12:53 AM

oh yeah thatll do you fine

Tamz•2/17/25, 12:54 AM

ok security time

Tamz•2/17/25, 12:54 AM

is this ur main pc or a pc you have?

TheGoatlerOP•2/17/25, 12:54 AM

its a PC I have, its only for Minecraft

TheGoatlerOP•2/17/25, 12:54 AM

my old gaming pc

TheGoatlerOP•2/17/25, 12:55 AM

it currently has Debian installed

Tamz•2/17/25, 12:55 AM

which debian?

TheGoatlerOP•2/17/25, 12:56 AM

12 i think

Tamz•2/17/25, 12:56 AM

neat!

Tamz•2/17/25, 12:56 AM

gonna be doing stuff from screens or a local panel instance :im_milk_shrug_idk:

Tamz•2/17/25, 12:56 AM

id suggest running ubuntu or debian on said machine so you can start work on security a/e
ssh keys so no one else from outside can access said machine
having ddos protection would also be good. id say neoprotect. cheaper for geyser and its pretty decent
im sure others can tell you more

TheGoatlerOP•2/17/25, 12:59 AM

Alright, cool, thank you! Looking forward to hearing what others have to say

TTheGoatler Alright, cool, thank you! Looking forward to hearing what others have to say

Error110•2/17/25, 1:05 AM

If the pc is local have panel closer

Error110•2/17/25, 1:05 AM

Closed