Popularity of 'Anti-Crash BungeeCord Fork' products used to be peak high when 'BungeeSmashers' were introduced and their sales still remain stable today.
BungeeSmashers (also NullPing, MOTD spam, etc.) were so-called DoS attack practices, which did not require any massive uplink, and used to perform well on reducing performance of a victim's proxy server. Only a thousand or so packets-per-second were enough because of a certain netty flaw reducing performance once an exception was caught. Thus, the BungeeSmashers aimed to send packets which would then produce exceptions on the victim's BungeeCord to reduce server's performance.
Developers of these 'Anti-Crash' BungeeCord forks implemented various techniques, aiming to reduce AbstractChannelHandlerContext's slow Throwable#getOurStackTrace calls and implemented a fairly simple set of iptables rules limiting SYN packets and filtering connections based on the source's geographic location.
Additionally, to market their products, some developers added various antibot strategies, mostly taken from opensource products.
The netty issue (#10165), was addressed and patched back in the beginning of 2020. Therefore, enterprise-grade power is now required to kill BungeeCord with game packets and no BungeeCord fork will be able to filter this out (unless your CPU is enough to sustain the packets and your link is greater than the attack consumes, which is likely not to be the case). These issues are to be dealt with real DDoS mitigation infrastructure provided by various reverse-proxy services, which offer to handle, filter and proxy incoming connections to your backend.
Long story short, Anti-Crash Bungee forks are now totally useless for any Minecraft server and should rather be considered a scam. Beware.
AntiBot solutions have been implemented in various open-source forks and plugins like Leymooo/BungeeCord and Elytrium/ElytraProxy (not sponsored).
Please Note: Outdated spigot flaws, which make it possible to crash the server with a couple packets directed to the backend, are NOT RELATED to netty issues and nothing mentioned above applies to them. Use anti-crash solutions for those issues specifically at your own risk, but I'd recommend upgrading your server to more stable versions.
BungeeSmashers (also NullPing, MOTD spam, etc.) were so-called DoS attack practices, which did not require any massive uplink, and used to perform well on reducing performance of a victim's proxy server. Only a thousand or so packets-per-second were enough because of a certain netty flaw reducing performance once an exception was caught. Thus, the BungeeSmashers aimed to send packets which would then produce exceptions on the victim's BungeeCord to reduce server's performance.
Developers of these 'Anti-Crash' BungeeCord forks implemented various techniques, aiming to reduce AbstractChannelHandlerContext's slow Throwable#getOurStackTrace calls and implemented a fairly simple set of iptables rules limiting SYN packets and filtering connections based on the source's geographic location.
Additionally, to market their products, some developers added various antibot strategies, mostly taken from opensource products.
The netty issue (#10165), was addressed and patched back in the beginning of 2020. Therefore, enterprise-grade power is now required to kill BungeeCord with game packets and no BungeeCord fork will be able to filter this out (unless your CPU is enough to sustain the packets and your link is greater than the attack consumes, which is likely not to be the case). These issues are to be dealt with real DDoS mitigation infrastructure provided by various reverse-proxy services, which offer to handle, filter and proxy incoming connections to your backend.
Long story short, Anti-Crash Bungee forks are now totally useless for any Minecraft server and should rather be considered a scam. Beware.
AntiBot solutions have been implemented in various open-source forks and plugins like Leymooo/BungeeCord and Elytrium/ElytraProxy (not sponsored).
Please Note: Outdated spigot flaws, which make it possible to crash the server with a couple packets directed to the backend, are NOT RELATED to netty issues and nothing mentioned above applies to them. Use anti-crash solutions for those issues specifically at your own risk, but I'd recommend upgrading your server to more stable versions.
Last edited:
