Fixing spoof problem

[Skahletto]

So, Im helping my friend branch his community out to minecraft and ive been developing the minecraft server as best as i can but im running into this issue that can be resolved by the Authme plugin. But as ive seen on many other servers they dont have the /login command when you login.....

The problem is people will join my server and im guessing spoof my account or my friends account and make themselves OP.

Im wondering how to fix this without the /login auth....if someone could just link me somewhere or tell me how that would be great but if needed i can pay for this to be fixed.

My theory is i shouldnt have anyone on the servers Opped and only use the PermissionsEx

I have 4 spigot servers Skyblock/kitpvp/factions/lobby and their server.properties onlinemode=false My bungee/proxy server has its onlinemode=true.

 

[HippoPlayz]

Have you tried the plugin IpWhitelist? It's pretty useful to prevent these kind of things.

 

[Danny Q.]

You're probably a victim of the bungee exploit. Download the IPWhitelist plugin on all of your spigot servers and only whitelist the bungeecord IP.

 

[Xeane]

Or just configure your firewall, there's many guides to show you how out there. I would post a link, but I'm apparently too new.