[AbyssMorgan]

Hello, I would like to present include allowing us to introduce additional security for our file AMX.

Security Functions:
a) AntiDeAMX
b) ScriptSecureADM
- IP and PORT checker
- Expiration date script
- Control slots server
- Check rcon password
- Check server language
- Web ACK System

How to use ScriptSecure.inc

PHP код:

//Install
//#define DONT_ALLOW_LOCALHOST  //additional option
//#define CHECK_MAX_PLAYERS     //additional option
//#define CHECK_RCON_PASSWORD   //additional option
//#define CHECK_SERVER_LANGUAGE //additional option
#define FILE_SERVERIP           "127.0.0.1"
#define FILE_SERVERPORT         (7777)
#define FILE_LICENSEID          (20160201) //<--- YYYYMMDD 01.02.2016 (DD.MM.YYYY)
//FILE_LICENSEID - This is the expiry date of the script, if passed it will not be able to run gamemode
#define FILE_MAX_PLAYERS        (500)      //max players in server.cfg
#define FILE_RCONPASS           "123"      //rcon password
#define FILE_LANGUAGE           "English"  //server language
//Web ACK System
//#define ENABLE_WEB_ACK        //additional option (definitions below apply to this option)
//#define SCRIPT_ACK_KEY        "{BOBO_HAHA,ACCESSCONTROL,TRUE}"
//#define SCRIPT_ACK_URL        "example.com/secure_adm/index.php"
//#define SCRIPT_ANTI_FLOOD     (123)   //change this number
//#define SCRIPT_ACK_TIME       (10000) //10 second
#include <ScriptSecure>
public OnGameModeInit(){ //OR OnFilterScriptInit
    AntiDeAMX();
    ScriptSecureADM();
    
    return 1;
} 


How to use MultiScriptSecure.inc

PHP код:

//Install
//#define CHECK_MAX_PLAYERS     //additional option
//#define CHECK_RCON_PASSWORD   //additional option
//#define CHECK_SERVER_LANGUAGE //additional option
//Web ACK System
//#define ENABLE_WEB_ACK        //additional option (definitions below apply to this option)
//#define SCRIPT_ACK_KEY        "{BOBO_HAHA,ACCESSCONTROL,TRUE}"
//#define SCRIPT_ACK_URL        "example.com/secure_adm/index.php"
//#define SCRIPT_ANTI_FLOOD     (123) //change this number
//#define SCRIPT_ACK_TIME       (10000) //10 second
Add server information to ADMServerList
public OnGameModeInit(){ //OR OnFilterScriptInit
    AntiDeAMX();
    ScriptSecureADM();
    
    return 1;
} 


How to use UltimateScriptSecure.inc

PHP код:

//Install
//1. Open UltimateScriptSecure and find "User Configuration"
//2. Edit you server information.
public OnGameModeInit(){ //OR OnFilterScriptInit
    
    if(!USS_Init()) return 0;
    
    return 1;
} 


Web ACK System:
PHP File for ScriptSecure.inc, MultiScriptSecure.inc, UltimateScriptSecure.inc

If you want to use the authorization by the website follow the steps:
1. Edit /secure_adm/index.php

PHP код:

$ANTI_FLOOD = '123'; //the same as SCRIPT_ANTI_FLOOD
$ACK_TRUE =   '{BOBO_HAHA,ACCESSCONTROL,TRUE}'; //the same as SCRIPT_ACK_KEY
$ACK_FALSE =  'Fuck you thief :P'; //anything 


2. Edit /secure_adm/Server.txt

PHP код:

//add IP:PORT your server, example:
127.0.0.1:7777
127.0.0.1:7778 


Error List:

PHP код:

[ADM] Info: Local server detect.
[ADM] Error: This script is stolen.
[ADM] Error: Script license has expired.
[ADM] Error: Invalid server config, check your max players.
[ADM] Error: Invalid server config, check your rcon password.
[ADM] Error: Invalid server config, check your language.
[ADM] Error: The script did not get permission to activation. 


What should I choose ?
ScriptSecure.inc - For one server configuration.
MultiScriptSecure.inc - For many server configurations.
UltimateScriptSecure.inc - The same as above but more advanced options.

Download:
UltimateScriptSecure.inc (v5.0.0)
MultiScriptSecure.inc (v4.0.1)
ScriptSecure.inc (v4.0.1)
Web ACK System


Notice:
Posts can be made available in a other language forums, please remember to keep the author and permanent link to file on github and a link to post in forum samp.

Non-Registered Users:
Bug Report

[Gammix]

pawn Код:

#if !defined isnull
    #define isnull(%1) ((!(%1[0])) || (((%1[0]) == '\1') && (!(%1[1]))))
#endif

Do the same for these:

pawn Код:

#define FILE_SERVERIP           "127.0.0.1"
#define FILE_SERVERPORT         (7777)          
#define FILE_LICENSEID          (20160201)      //<--- YYYYMMDD 01.02.2016 (DD.MM.YYYY)
#define FILE_MAX_PLAYERS        (500)           //max players in server.cfg
#define FILE_RCONPASS           "123"           //rcon password
#define FILE_LANGUAGE           "Polish"        //server language

So the user won't need to edit the include but do something like this:

pawn Код:

#define FILE_SERVERIP "127.0.0.1"
#include <ScriptSecure>

And i think the only thing enough for security is the IP and PORT.

[AbyssMorgan]

Quote:

Originally Posted by Gammix pawn Код: #if !defined isnull     #define isnull(%1) ((!(%1[0])) || (((%1[0]) == '\1') && (!(%1[1])))) #endif Do the same for these: pawn Код: #define FILE_SERVERIP           "127.0.0.1" #define FILE_SERVERPORT         (7777)          #define FILE_LICENSEID          (20160201)      //<--- YYYYMMDD 01.02.2016 (DD.MM.YYYY) #define FILE_MAX_PLAYERS        (500)           //max players in server.cfg #define FILE_RCONPASS           "123"           //rcon password #define FILE_LANGUAGE           "Polish"        //server language So the user won't need to edit the include but do something like this: pawn Код: #define FILE_SERVERIP "127.0.0.1" #include <ScriptSecure> And i think the only thing enough for security is the IP and PORT.

okay I might add, I personally love the protection time, useful when we are co-owner of the server

[Gammix]

Actually you got it wrong:

pawn Код:

#if !defined FILE_SERVERIP
    #error Please #define FILE_SERVERIP "127.0.0.1"
#endif

Should/Recommended to be like this:

pawn Код:

#if !defined FILE_SERVERIP
    #define FILE_SERVERIP "127.0.0.1"
#endif

So if user haven't defined, the include will run on its default value.

[Spmn]

1. Your protection will fail if "bind" is unset since comparing a null string to a non-null string will return 0 (strings are the same)

2. There is no point in checking if rcon_password is unset because it can't be.

3. I don't get why you stop server if Language or RCON Password is set to any other value than what it is defined in script. Why don't you just change them to the value that should be and eventually print a warning message.

4. Instead of throwing the same error in case of misconfiguration (Invalid Server Config) it should print different messages for every case. It can be quite hard for a newbie to find out what is misconfigured.

[AbyssMorgan]

1. corrected
2. corrected
3. added switches

PHP код:

#define DONT_ALLOW_LOCALHOST    //additional option
#define CHECK_MAX_PLAYERS        //additional option
#define CHECK_RCON_PASSWORD        //additional option
#define CHECK_SERVER_LANGUAGE    //additional option 


4. corrected

[JustMe.77]

Could you add multiple IP's Port and stuff? I'd need it for example with my HomeServer IP, Main Server IP and TestServer IP.

Anyways, nice Include.

[AbyssMorgan]

I can do it

[AbyssMorgan]

Quote:

Originally Posted by JustMe.77 Could you add multiple IP's Port and stuff? I'd need it for example with my HomeServer IP, Main Server IP and TestServer IP. Anyways, nice Include.

I created a second version which allows you to specify multiple servers.
Read the instruction inside file.
https://github.com/AbyssMorgan/SA-MP...riptSecure.inc

[AbyssMorgan]

Update v4.0 for ScriptSecure.inc and MultiScriptSecure.inc:
- Added Web ACK System (confirmation by the web server)
- Fixed minor bugs in the code

[JustMe.77]

Using it since yesterday active, great release!
Is there any way to only allow Localhost?

[AbyssMorgan]

localhost is always allowed in ScriptSecure.inc unless you use options
DONT_ALLOW_LOCALHOST

if the server ip 127.0.0.1 give the script will be available only for localhost

Example localhost:

PHP код:

#define FILE_SERVERIP           "127.0.0.1" 
#define FILE_SERVERPORT         (7777) 
#define FILE_LICENSEID          (20160201) //<--- YYYYMMDD 01.02.2016 (DD.MM.YYYY) 
#define FILE_MAX_PLAYERS        (500)      //max players in server.cfg 
#define FILE_RCONPASS           "123"      //rcon password 
#define FILE_LANGUAGE           "English"  //server language 


Example public server (91.196.50.114:7777):

PHP код:

#define FILE_SERVERIP           "91.196.50.114" 
#define FILE_SERVERPORT         (7777) 
#define FILE_LICENSEID          (20160201) //<--- YYYYMMDD 01.02.2016 (DD.MM.YYYY) 
#define FILE_MAX_PLAYERS        (500)      //max players in server.cfg 
#define FILE_RCONPASS           "123"      //rcon password 
#define FILE_LANGUAGE           "English"  //server language 


[AbyssMorgan]

Update v5.0.0:

- Created new UltimateScriptSecure.inc (archetype MultiScriptSecure.inc)

- Added an additional option to individually choose the type of security.

- Added internal callback

PHP код:

USS_OnScriptError(errorid); 


- Added special definition USS_ANONYMOUS for use any ip/port

Download:
UltimateScriptSecure.inc

[Bolex_]

Good Job

[OneDay]

Can you add password: https://sampforum.blast.hk/showthread.php?tid=624230

[JustMe.77]

Thanks for the update, by far one of my favourite includes