IPTables Help

Valentino · Apr 11, 2019

Use plugin called ipwhitelist or just enable firewall.
Do "ufw enable" if you use ubuntu. Don't forget to allow ports before you enable it.

iToady · Apr 11, 2019

Valentino said:
Use plugin called ipwhitelist or just enable firewall.
Do "ufw enable" if you use ubuntu. Don't forget to allow ports before you enable it.

If I use ufw what ports would I enable? Just 25565 or all my servers ports?

Valentino · Apr 11, 2019

iToady said:
If I use ufw what ports would I enable? Just 25565 or all my servers ports?

You need to enable ports 22 and 25565, also 80 or 443 if you have website.

iToady · Apr 11, 2019

Valentino said:
You need to enable ports 22 and 25565, also 80 or 443 if you have website.

So I don't have to allow my votifer ports or anything like that?

Valentino · Apr 11, 2019

iToady said:
So I don't have to allow my votifer ports or anything like that?

You do yeah, didn't think of that.

Buxarov · Apr 11, 2019

Hello, There are many ways to protect a server and more if it is Bungee (I write this in case someone else is looking for help)

the main thing would be to activate the firewall, if you can not do this, I recommend you use IPWL (IPWhitelist) for protection is placed on all servers Spigot not in the Bungee.

Although it does not seem like much, if you use a system of travel between servers using a portals plugin, I recommend you use AuthmeBungee, because if they cause a lag on the server, they can go to the portal and establish a connection.

Many people who are dedicated to the servers destroy, often say they have a way to bypass ipwhitelist, it is better to prevent than regret, I recommend that you renew, use AuthmeBungee and UUIDSpoof - FIX

By the way, it's not that I want to digress a lot, but, a protection of Bots, it's also a protection xD, I recommend Bot-Sentry before ABD, it uses a lot less resources

About IPWhitelist, some people say that they have a kickeo error when trying to join the server "You are already connected" happened to me, this is an add-on "IPWhitelist FIX" that fixes this, I have tried it and for now, I was not expelled
recently , I hope not to forget anything

, greetings and luck!

References

IPWhitelist

BotSentry

UUIDSpoof

IPWhitelist Fix

BungeePortals

iToady · Apr 11, 2019

BCraft said:
Hello, There are many ways to protect a server and more if it is Bungee (I write this in case someone else is looking for help)

the main thing would be to activate the firewall, if you can not do this, I recommend you use IPWL (IPWhitelist) for protection is placed on all servers Spigot not in the Bungee.

Although it does not seem like much, if you use a system of travel between servers using a portals plugin, I recommend you use AuthmeBungee, because if they cause a lag on the server, they can go to the portal and establish a connection.

Many people who are dedicated to the servers destroy, often say they have a way to bypass ipwhitelist, it is better to prevent than regret, I recommend that you renew, use AuthmeBungee and UUIDSpoof - FIX

By the way, it's not that I want to digress a lot, but, a protection of Bots, it's also a protection xD, I recommend Bot-Sentry before ABD, it uses a lot less resources

About IPWhitelist, some people say that they have a kickeo error when trying to join the server "You are already connected" happened to me, this is an add-on "IPWhitelist FIX" that fixes this, I have tried it and for now, I was not expelled
recently , I hope not to forget anything, greetings and luck!

References

IPWhitelist

BotSentry

UUIDSpoof

IPWhitelist Fix

BungeePortals

I tried IPWhitelist, but I guess the way my bungee config it setup it won't work, the bungee config keeps setting my IP to 0.0.0.0 and I can't set it to the servers IP.

Tripps · Apr 11, 2019

When it comes to Pterodactyl and making sure it is fully secure you will need to make sure all ports are locked down through your firewall only allowing the local ip addresses within the pterodactyl nic (pterodactyl0).

Code:

To                         Action      From
--                         ------         ----
3306 on pterodactyl0       ALLOW   172.18.0.0/24
25565/tcp                  ALLOW       Anywhere
25565/udp                  ALLOW       Anywhere

Also sub servers must be on 127.0.0.1 within pterodactyl's daemon allocations.

iToady · Apr 11, 2019

Tripps said:
When it comes to Pterodactyl and making sure it is fully secure you will need to make sure all ports are locked down through your firewall only allowing the local ip addresses within the pterodactyl nic (pterodactyl0).

Code:

To Action From -- ------ ---- 3306 on pterodactyl0 ALLOW 172.18.0.0/24 25565/tcp ALLOW Anywhere 25565/udp ALLOW Anywhere

Also sub servers must be on 127.0.0.1 within pterodactyl's daemon allocations.

So when I setup ports for the node, use 127.0.0.1 not the server IP? that kinda makes sense lol

Tripps · Apr 11, 2019

iToady said:
So when I setup ports for the node, use 127.0.0.1 not the server IP? that kinda makes sense lol

Yup basically, just make sure to allow the servers access on the local network (172.18.0.x).

[Edit] We also provide support through the discord in regards to pterodactyl: https://discord.gg/pterodactyl

IPTables Help

iToady

TopTierSMM.com

Valentino

Future president

iToady

TopTierSMM.com

Valentino

Future president

iToady

TopTierSMM.com

Valentino

Future president

Buxarov

iToady

TopTierSMM.com

Tripps

SysAdmin | Developer

iToady

TopTierSMM.com

Tripps

SysAdmin | Developer