How to protect your Minecraft server from hacking via PlaceholderAPI

In this article, we will understand how to protect Minecraft server from file siphoning and hacking.

Изображение записи на Голем
  • Disable the ecloud function in PlaceholderAPI via (config.yml) to avoid downloading a malicious add-on (expansion) to your server via /papi ecloud download [name]
  • Remove the add-on (expansion) in PlaceholderAPI called Javascript, to be exact, only if you used the version of this add-on from 1.6.0 to 2.1.0 to get rid of /jsexp parse (checking any JS code), preferably if you need it, replace it with version 2.1.2 to avoid data hacking/sniffing.
  • Remove PlugmanX plugin and replace with ServerUtils (to avoid downloading backdoor, malicious plugin to the server via /plugman download direct/spigot)
  • Do not install the PluginManager plugin (to avoid also /pm download direct/spigot)
  • If you use proxies, such as Bungeecord, Flamecord, Waterfall, NullCordX, it is advisable to install any of the listed plugins for port bypassing - IPWhitelist, BungeeGuard, SafeNET, etc. on all servers.

More useful information can be found here: EnotTeam - Minecraft Servers Creation

0 комментариев
Пожалуйста, создайте учетную запись или
авторизуйтесь прежде чем оставлять комментарии