PDA

View Full Version : Suggestion (Rejected): LockDown Plugin



Cats_say_moo
18-04-2013, 05:13 PM
I suggest this on short terms meaning this may be rendered useless however
When a DDoS attack happens on the server One mod has to Spam "Everyone Leave the server" Not being able to do that now with the Anti Spam Plugin allready in the game players will get Accidentaly Banned

Lockdown: Customizable to what groups of players you kick
So if you wanted Everyone Except Builders and Staffmembers kicked when doing /ld enable
Hense making a safe enviorment to Ban the unwanted players.

~Questions appreciated <3
http://dev.bukkit.org/server-mods/lock-down/

naithantu
18-04-2013, 06:38 PM
We haven't had such an attack in months, there's no need to add a plugin for something that (luckily) barely ever happens.

Cats_say_moo
18-04-2013, 09:47 PM
The attacks will never just stop naith, Since the server was a target before doesnt mean it isnt now thou.
Also wouldnt you like to be prepaired to do something if and when it does happen?

Telluur
18-04-2013, 10:21 PM
You do understand that this won't protect us in the case of a server ddos. What will happen when you lock down is that the client connects, bukkit registers the entity. Then it has to pass it to the plugin which has to tell the server to release the client. The bots will just keep on trying to join, and overload the server with this join check. The only way you could turn clients away without affecting the actual server, is to use a proxy that either sends the player to the server or turns it away before they even get to reach the server.

Now back ontopic: you are right, there's always a chance that we get ddos'd. 99,9% of the time it is just a 12 year old moron that found a file with usernames and passwords somewhere online and use some sort hacked client to chat spam us. This silly chat spam won't do shit to the server, trust me, it has happened numerous times before (last one was a while ago though).

When we talk about that 0,1% that use advanced ddos tools like the ones anonymous or lulsec released, then we would need somesomej more advanced ddos mitigation services like javapipe or cloudflare. However, I do not see a single reason why anyone would attack a small non-profit community so heavily. There's nothing to get here anyway.


Tl;dr. Plugin is useless in terms of ddos protection.
We really don't need any ddos mitigation programms/services.




Edit:
Seeing that I somehow misunderstood the op, but my initial post was an actual reply to your previous post:

I'm sure that there are permission nodes to bypass anti-pownage, and an admin could also issue a /kickall with temporarily stay away to avoid being wrongly banned message.

Cats_say_moo
19-04-2013, 01:41 PM
I see your point there, But If not this plugin then maybe something added to the allready plugins of the server? Like with the spam warning to have mods be able to talk in chat without getting that warning perhaps? That way it doesnt make a useless plugin and it is migratable into another plugin?

naithantu
29-04-2013, 08:57 PM
Plugin is not necessary, it provides a little bit extra protection against such ddos attacks (less real players get banned), but that's really all it does.
That combined with the fact that we haven't had such an attack in months, this plugin simple is not required. If we ever get problems with such attacks again we will consider adding it.