StaffProtection - Best staff security plugin. Prevent hacked account griefing. [Frequent Updates]

Status
This thread has been locked.

HM04

Computer Science and Finance Student
Premium
Feedback score
3
Posts
544
Reactions
269
Resources
0
StaffProtection

Description
Never have to worry about your staff's accounts being hacked again. StaffProtection allows staff members to register a password linked to their account and IP address. This password is highly encrypted and is decrypted behind the scenes.

Your staff does not have to log in every time they join the server, only when they log in from a different IP address.

Upon logging in with a different IP address, all online staff is alerted. The potential hacker is frozen and cannot run any commands besides the login command.

Features
- Configurable messages
- Register passwords
- Password encryption
- IP Address verification
- Encrypted logins
- Logged in from new location alerts
- Frozen players when logged in from new location

Commands
- /register <password>
- /login <password>
- /changelocation

Permissions
- staffprotection.staff
(Give this to all your staff. They will be prompted to create a password on login after receiving the permission.)

Example Database File
Code:
73c8e0f0-8617-49d3-a7ae-fa124787d4e0:
  name: HM04
  password: ͩͻϧʵͩϞńƹǂNjōʈ
  address: 127.0.0.1
Proof of ownership
proof.png


Vouches:
Many more vouches on the resource page. Overall 5 star rated resource.
Tested this on my Development Server very quickly and damn, this plugin is very nice. No bugs that I can see and is very nice. I love the database.yml feature too, I recommend this plugin to people who want to secure there staff team.

VOUCH
Kuzni : 5/5 Honestly a sick plugin. People are saying this is the same as Staff Secure but it really isn't. I'd say this doubles the safety of the server + when I found a bug the developer was on it within minuets

Upcoming updates:
- fix console issue
- increase encryption security

Price: $3.99
Purchase here: http://www.mc-market.org/resources/2839/
 
Last edited:
PebbleHost
High performance, consistent uptime and fast support. Minecraft hosting that just works.

Eric

Software Engineer
Supreme
Feedback score
14
Posts
1,760
Reactions
1,648
Resources
1
I realize that.. I wouldnt have used encryption as a main difference between the two if I knew that the other did the same.
Hashing irreversibly turns a string into completely jumbled text. You sort these strings through algorithms such as SHA256.
Once you have this hashed password you save it to the database, when the user tries to login you need to hash the password they used to attempt to login - If it matches, log them in.
 

HM04

Computer Science and Finance Student
Premium
Feedback score
3
Posts
544
Reactions
269
Resources
0
Can you add like a trusted list & autoban/crash modes ? for example if your name is on the trusted users list you can safely login/register
but if your name isn't on trusted user list, and you try to join with it on the server with dynamic IP support, so it doesnt mess up
1. You will be autobanned
2. Your client will crash
3. None - nothing will be happend
sounds kewl rite?
UUIDs or names?
 
Status
This thread has been locked.
Top