Anti-entry mod (1.16.5)

[ZSPYDO]

Bots somehow miraculously learned how to emulate the list of mods, now they can log in to the server normally Question: How do I cancel the player's login (I will instantly and automatically find out if the player is a bot if he tries to log in before loading the player himself in the world, but after he passes the nickname and ip address) I can't think of anything worse than PlayerServerEntity.connect.disconnect, but unfortunately the player manages to log on to the server and get the world data before it kicks. ((This is all I do in PlayerLoggedInEvent) Is there a way to kick the player after he passes the nickname and IP address? (Maybe there is an analogue of PlayerPreLogginEvent in spigot)

Edited April 23, 2022 by ZSPYDO

[ZSPYDO]

1 hour ago, diesieben07 said:

Just ban them via the normal Minecraft means?

Yes, I want to be banned, but I know the bot or the player only when joining, I can't find out in advance (The player still manages to log in and it spams to the server Player joined to the game And then Player left the game

Maybe you can somehow remove these messages at the server core level? (Preferably not working with core mod)

Well, for example, how do I create my own ban system. ((Without changing the core mod at the same time, I don't want to touch the core mod in general)

Edited April 23, 2022 by ZSPYDO

[ZSPYDO]

1 minute ago, diesieben07 said:

Then I am honestly not sure what you want to achieve.

I want to cancel the player's login to the server (Before the player logs in to it)

 

[ZSPYDO]

7 minutes ago, diesieben07 said:

Yes... but why? There is no Forge API to do this. Use the vanilla ban lists.

Vanilla bans are already occupied for another I need another system of bans (Maybe I can somehow change the forge code?)

That is, I need a system that will work like vanilla bans, but just check an additional list of bans

Edited April 23, 2022 by ZSPYDO

[ZSPYDO]

5 minutes ago, diesieben07 said:

What do you mean by "occupied for another"? What on earth are you talking about?

The vanilla ban system is used to ban violators, if I also use it to ban bots, then later I will not be able to distinguish players who were banned because of the bot from players who violated the rules of the server. And in the future, players who were banned for violating the rules of the server will be able to say that they were banned because of the bot...

Also, I will not be able to erase the database of violators without erasing the database of bots, and vice versa...

Edited April 23, 2022 by ZSPYDO

[ZSPYDO]

6 minutes ago, diesieben07 said:

Then keep track in a separate system.

This is a very good idea, but then other problems appear, so for example, when a player logs in, my PlayerLoggedInEvent will not work, and I will not be able to compare the current time with the past and check whether it's time to let the player on the server.

Maybe you know how to make a semblance of the ip whitelist plugin on forge (Without third-party applications like iptables)

Edited April 23, 2022 by ZSPYDO

[ZSPYDO]

5 minutes ago, diesieben07 said:

There have been several attempts at bringing one to Forge through pull requests, but the PR authors either always lost interest or did not comply with the requirements for getting it implemented.

When I was on 1 12 2, I found the implementation of the ban system in forge.source in java format, Maybe there is a way on 1 16 5 to find this system and add the ip whitelist system there... In this matter, I was able to achieve success on 1 12 2, but only within eclipse, when trying to go outside of eclipse with the mod, everything stopped working...

That is, when starting the server via runserver, everything worked, and when compiling the mod via gradle build, what I changed in forge.source in java format lost its force

Edited April 23, 2022 by ZSPYDO

[ZSPYDO]

2 minutes ago, diesieben07 said:

There has never been an API for it in Forge due to concerns of abuse.

Now the lack of such functionality is very hindering, it turns out that plug-ins become almost irreplaceable...

The server is now literally defenseless against bot attacks, since even if you ban the bot at the entrance, it will still put a load on the server (Downloading the world for a few seconds)

Edited April 23, 2022 by ZSPYDO

[ZSPYDO]

How many difficulties arise because of such a seemingly simple thing... I am sure that when bots bypassing the protection of the list of mods become widespread, it will still be added to forge, otherwise all servers hosted on hosting sites will simply become defenseless.

[ZSPYDO]

19 minutes ago, diesieben07 said:

I still fail to see the issue that cannot be solved by the normal vanilla ban- and whitelist.

Imagine the following system: BungeeCord When connected from server B to server F Passes data (Nick and Ip) to the MYSQL database But server F has a whitelist enabled, Also server F cannot update it 1 time in player login, because PlayerLoggenInEvent will not work because of the included white list. As a result, the server F checks every second for new records in the MySql database, then adds the player to the white list, and then deletes or transfers the player record from MySql to any other place in MySql For example, in MySql from table A to table B Now we have the following situation, MySql And server F has very good optimization, but this is not enough, since the player can be kicked, because server F checks the MySql database once every 1 second, and server B transfers data to the MySql database only after it starts switching the player. To sum up: The player will be kicked at least 1 time for every first connection to another Forge server that uses bungeecord

P.S The ban system is not even considered in the context of the whitelist ip system for obvious reasons (How lucky that I once figured out how to add a database to Forge MySql ...)

Edited April 23, 2022 by ZSPYDO