Completely unlink accounts.
Closed this issue ยท 5 comments
What behaviour is observed?
Hi, I'm using AuthMe with a proxy over it, and setting spigot.yml's Bungee cord to true would f*** up my bot that connects from localhost, so I need a way to:
- Disable the "You have {X} accounts: U1, U2, ..."
- Disable any feature that identifies the player using their IP
Please help. If there are no such configurations, I could implement them myself and create a PR because this would be very useful for people like myself.
Expected behaviour
a way to ignore IP addresses completely; could not find.
To Reproduce
- Create a server (nahhh really)
- Add AuthMe
- Put a proxy over your server
- All IPv6 IPS would be: 0:0:0:0:0:0
- All IPv4 IPS would be: 0.0.0.0
Plugin list
WorldEdit, PlugManX, Essentials, B**chFilter, EssentialsSpawn, EssentialsChat, WorldGuard, AuthMe (obviously), GriefPrevention, GriefPrevention_Rewards (CUSTOM)
Server Implementation
BungeeCord
Database Implementation
SQLite
AuthMe Version
5.6.0-LEGACY
Error log (if applicable)
No response
Configuration
https://gist.github.com/NullClock/82a9cba7cb76e7a9e44a2cc82db29622#file-real-yml
Why is the IP detection an issue for you? It's only an information message that would be likely only be related to other direct connection accounts. Furthermore, I wonder why you use a full client for bots instead of plugin with a NPC system. That would be much more reliable.
As an alternative, you could also fake the BungeeCord forward message, if you want to bypass the BungeeCord proxy. BungeeCord's forwarding data is never meant to be secure.
EDIT: I looked into it and there is also a permission for that if you want to completely disable it.
Why is the IP detection an issue for you? It's only an information message that would be likely only be related to other direct connection accounts. Furthermore, I wonder why you use a full client for bots instead of plugin with a NPC system. That would be much more reliable.
As an alternative, you could also fake the BungeeCord forward message, if you want to bypass the BungeeCord proxy. BungeeCord's forwarding data is never meant to be secure.
EDIT: I looked into it and there is also a permission for that if you want to completely disable it.
Yeah i'd like to disable it, and the IP detection is an issue because IP Forwarding on Eaglercraft is so insecure and unstable.
IP Forwarding on Eaglercraft is so insecure and unstable
Forwarding is never meant to be cryptographically secure. Every guide mentions that you are meant to firewall the Spigot server, that no external direct connections are allowed. AFAIK Eaglecraft is client software, so it's not even relevant here. IP Forwarding is between the reverse proxy (e.g. BungeeCord) and the Minecraft server (e.g. Spigot). The client is not involved in the process.
As mentioned, you can disable the you own X account message with permissions and other features like session logins with the configuration, but I would strongly advise against disabling IP forwarding entirely. Then other features like IP, skin forwarding, etc. wouldn't work either.
IP Forwarding on Eaglercraft is so insecure and unstable
Forwarding is never meant to be cryptographically secure. Every guide mentions that you are meant to firewall the Spigot server, that no external direct connections are allowed. AFAIK Eaglecraft is client software, so it's not even relevant here. IP Forwarding is between the reverse proxy (e.g. BungeeCord) and the Minecraft server (e.g. Spigot). The client is not involved in the process.
As mentioned, you can disable the you own X account message with permissions and other features like session logins with the configuration, but I would strongly advise against disabling IP forwarding entirely. Then other features like IP, skin forwarding, etc. wouldn't work either.
Yeah I did.
The issue is resolved but I would just like to add/explain: Eaglercraft servers required the EaglerXBungee plugin in Bungee or Velocity and the plugin depends on WebSocket headers from the client in order to IP forward. but some clients don't send it; crashing the server. this would require me to modify eaglerxbungee and I just don't want to do that.