[Lordzy]

Quote:

Originally Posted by Vince I wouldn't rely on RCON for anything at all and would just flat out disable it, even in-game. Whenever there is a login attempt, kick the offending player and then invoke an algorithm to generate a new random password. The new password may optionally be logged to the server log for the rare case it is needed. If you have root access (SSH or RDP) then that step may be skipped since you can retrieve the password by executing varlist in the console window.

That's a great idea. Disabling RCON overall and using server-sided commands or secret login stuffs are a lot better. Using "SendRconCommand", RCON commands can be executed. Since "OnPlayerRconCommand" isn't there by default (however detectable using server_log.txt), the best way is to disable RCON as you've said. Good point you got there.