[Lester23]

Hi, is there any way to prevent people trying to crack my Rcon password from my server?

I mean when they're using /rcon login to get kicked from the server, doesn't matter if they enter the password correctly

in server.cfg rcon 0 is not quite efficient tho. If I type the password correctly, it grants the access.

[Astralis]

Just make second rcon password.. with dialogs ingame. Once you log in with first it will ask for second, if fail or not enter = kick/ban.

[Chaprnks]

Best failsafe for me:

server.cfg

Код:

rcon 0
rcon_password TAzADG3q6AH0UW0HPkfHi0YwSfhE7WsJ

This disables remote RCON (without being in-game) & you should also add punishment for XX failed logins in-game:

pawn Код:

public OnRconLoginAttempt(ip[], password[], success)
{
    if(!success) BlockIpAddress(ip, 60000);
    return 1;
}

This blocks the player from the server for 1 minute when he enters a wrong RCON password. Don't worry, it auto unblocks him after 60 seconds.

[Lester23]

Quote:

Originally Posted by Chaprnks Best failsafe for me: server.cfg Код: rcon 0 rcon_password TAzADG3q6AH0UW0HPkfHi0YwSfhE7WsJ This disables remote RCON (without being in-game) & you should also add punishment for XX failed logins in-game: pawn Код: public OnRconLoginAttempt(ip[], password[], success) {     if(!success) BlockIpAddress(ip, 60000);     return 1; } This blocks the player from the server for 1 minute when he enters a wrong RCON password. Don't worry, it auto unblocks him after 60 seconds.

Oh thank you very much I appreciate that :P
but I'm wondering if I can completely disable that Rcon login.
(you get kicked if you type whether correct or incorrect password) But thx anyway :P


I did something hopefully it's ok(below at else if)

Код:

public OnRconLoginAttempt(ip[], password[], success)
{
    if(!success)
    {
        new pip[16],string[256],name[25];
        foreach(Player, i)
        {
            GetPlayerIp(i, pip, sizeof(pip));
            if(!strcmp(ip, pip, true))
           	{
				GetPlayerName(i, name, sizeof(name));
		        format(string,sizeof(string),"Notice: {FFFFFF}%s has entered a wrong rcon password (IP: %s).",name,ip);
                ABroadCast(COLOR_RED2,string,3);
                Kick(i);
                return 1;
            }
        }
    }
    else if(success)
    {
        new pip[16],string[256],name[25];
        foreach(Player, i)
        {
            GetPlayerIp(i, pip, sizeof(pip));
            if(!strcmp(ip, pip, true))
           	{
			GetPlayerName(i, name, sizeof(name));
		       
                Kick(i); // kicks the player, even if it's correct pass.
                return 1;
            }
        }
	}
    return 1;
}

well thanks (I tested it and it works)

[Chaprnks]

Quote:

Originally Posted by Lester23 Oh thank you very much I appreciate that :P but I'm wondering if I can completely disable that Rcon login. (you get kicked if you type whether correct or incorrect password) But thx anyway :P

pawn Код:

public OnRconLoginAttempt(ip[], password[], success)
{
    BlockIpAddress(ip, 0);
    return 1;
}

This permanently blocks the player from the server, as soon as he enters a RCON password (correct or incorrect). Is this what you are looking for?

[001]

create 2 RCON passwords.