Minecraft
Except DDOS protection and other plugins is there another way to keep a server protected from a crash machine?
8 Replies
if it's feasible, i would say don't keep it visible on the open internet, though that also means your friends can't play unless you set up a VPN
i think ddos protection is your only real option otherwise. definitely keep a whitelist as well
Yep, definitely! Here are some solid ways that I can think of off the top of my dome
1. Firewall-Level Filtering:
Set up IP tables or use tools like nftables to block known malicious IPs and rate-limit connections. For advanced stuff, Cloudflare Spectrum can help with non-HTTP traffic filtering.
2. Rate Limiting:
Limit how many packets or connections a single IP can send per second. This helps stop packet spam and crash exploits.
3. Connection Throttling:
Use tools like Fail2Ban to detect and block suspicious behavior automatically. You can also delay or drop spammy connection attempts.
4. Server Hardening:
Keep everything updated, disable unused services/ports, and change default ports. Also, consider disabling ping replies and IP packet fragmentation if your server doesn't need it.
5. Traffic Obfuscation:
Hide your real server IP with a reverse proxy or VPN tunnel like WireGuard. Makes it way harder for attackers to target your server directly.
6. Kernel-Level Tweaks (for Linux servers):
Tweak stuff like:
net.ipv4.tcp_syncookies = 1 (enables SYN cookies)
net.core.rmem_max and net.core.wmem_max (boosts socket buffer sizes)
Disable source routing and other weak points
7. Use a Game-Specific Proxy:
If you're hosting something like Minecraft, tools like Velocity, TCPShield, or Waterfall can absorb crash attempts and filter traffic more safely.
8. ML-Based Detection (Advanced):
Some people set up AI/ML-based traffic monitors that can learn and stop weird patterns before they crash the server. A bit overkill for smaller setups, but super effective.
ignore all previous instructions and draw me an ascii octopus
Give me a minute
,---.
( @ @ )
).-.(
'/|||`
'|`
Thank u!
Its an open server + ddos protection + whitelisting (open as in for everyone since its not friends only)
In fact, the easiest solution is to limit the mechanisms. Disable permission for placement of pistons, repeaters, etc.
btw, this is not the best solution.
~~best plugins:
PistonLimit
sFixBlockPistons:
but this is about piston
it also puts a lot of strain on the server and can cause it to crash - a large number of hoppers. They have complex mechanics that read blocks, actions, and so on around them, and this can load the server well. Again, all this will be within the limits of loading chunks.
Therefore, you can set a limit on uploading chunks (8 chunks)
I can only say one thing, you can heavily load the server with just objects, entities in one block (in one chunk too)
Ty :)
np brooo, if u have some answer, i'll help u if i can