SA-MP Forums Archive
How to prevent rcon crack ? - Printable Version

+- SA-MP Forums Archive (https://sampforum.blast.hk)
+-- Forum: SA-MP Server (https://sampforum.blast.hk/forumdisplay.php?fid=6)
+--- Forum: Server Support (https://sampforum.blast.hk/forumdisplay.php?fid=19)
+--- Thread: How to prevent rcon crack ? (/showthread.php?tid=633220)


How to prevent rcon crack ? - Lester23 - 27.04.2017

Hi, is there any way to prevent people trying to crack my Rcon password from my server?

I mean when they're using /rcon login to get kicked from the server, doesn't matter if they enter the password correctly

in server.cfg rcon 0 is not quite efficient tho. If I type the password correctly, it grants the access.

Re: How to prevent rcon crack ? - Astralis - 27.04.2017

Just make second rcon password.. with dialogs ingame. Once you log in with first it will ask for second, if fail or not enter = kick/ban.

Re: How to prevent rcon crack ? - Chaprnks - 27.04.2017

Best failsafe for me:

server.cfg
Код:
rcon 0
rcon_password TAzADG3q6AH0UW0HPkfHi0YwSfhE7WsJ
This disables remote RCON (without being in-game) & you should also add punishment for XX failed logins in-game:




pawn Код:
public OnRconLoginAttempt(ip[], password[], success)
{
    if(!success) BlockIpAddress(ip, 60000);
    return 1;
}
This blocks the player from the server for 1 minute when he enters a wrong RCON password. Don't worry, it auto unblocks him after 60 seconds.

Re: How to prevent rcon crack ? - Lester23 - 27.04.2017

Quote:
Originally Posted by Chaprnks
Посмотреть сообщение
Best failsafe for me:

server.cfg
Код:
rcon 0
rcon_password TAzADG3q6AH0UW0HPkfHi0YwSfhE7WsJ
This disables remote RCON (without being in-game) & you should also add punishment for XX failed logins in-game:




pawn Код:
public OnRconLoginAttempt(ip[], password[], success)
{
    if(!success) BlockIpAddress(ip, 60000);
    return 1;
}
This blocks the player from the server for 1 minute when he enters a wrong RCON password. Don't worry, it auto unblocks him after 60 seconds.
Oh thank you very much I appreciate that :P
but I'm wondering if I can completely disable that Rcon login.
(you get kicked if you type whether correct or incorrect password) But thx anyway :P


I did something hopefully it's ok(below at else if)

Код:
public OnRconLoginAttempt(ip[], password[], success)
{
    if(!success)
    {
        new pip[16],string[256],name[25];
        foreach(Player, i)
        {
            GetPlayerIp(i, pip, sizeof(pip));
            if(!strcmp(ip, pip, true))
           	{
				GetPlayerName(i, name, sizeof(name));
		        format(string,sizeof(string),"Notice: {FFFFFF}%s has entered a wrong rcon password (IP: %s).",name,ip);
                ABroadCast(COLOR_RED2,string,3);
                Kick(i);
                return 1;
            }
        }
    }
    else if(success)
    {
        new pip[16],string[256],name[25];
        foreach(Player, i)
        {
            GetPlayerIp(i, pip, sizeof(pip));
            if(!strcmp(ip, pip, true))
           	{
			GetPlayerName(i, name, sizeof(name));
		       
                Kick(i); // kicks the player, even if it's correct pass.
                return 1;
            }
        }
	}
    return 1;
}
well thanks (I tested it and it works)

Re: How to prevent rcon crack ? - Chaprnks - 27.04.2017

Quote:
Originally Posted by Lester23
Посмотреть сообщение
Oh thank you very much I appreciate that :P
but I'm wondering if I can completely disable that Rcon login.
(you get kicked if you type whether correct or incorrect password) But thx anyway :P
pawn Код:
public OnRconLoginAttempt(ip[], password[], success)
{
    BlockIpAddress(ip, 0);
    return 1;
}
This permanently blocks the player from the server, as soon as he enters a RCON password (correct or incorrect). Is this what you are looking for?

Re: How to prevent rcon crack ? - 001 - 27.04.2017

create 2 RCON passwords.