#2549 Add security / firewall warning to readme.

2024-09-20 18:11:08 +02:00 · 2018-11-21 02:19:34 +01:00 · 2018-11-21 02:19:34 +01:00 · 783979b6b9
commit 783979b6b9
parent c26705e6b1
1 changed files with 6 additions and 0 deletions
--- a/README.md
+++ b/README.md
@ -9,6 +9,12 @@ Information
 -----------
 BungeeCord is maintained by [SpigotMC](https://www.spigotmc.org/) and has its own [discussion thread](https://www.spigotmc.org/go/bungeecord) with plenty of helpful information and links.

+### Security warning
+
+As your Minecraft servers have to run without authentication (online-mode=false) for BungeeCord to work, this poses a new security risk. Users may connect to your servers directly, under any username they wish to use. The kick "If you wish to use IP forwarding, please enable it in your BungeeCord config as well!" does not protect your Spigot servers.
+
+To combat this, you need to restrict access to these servers for example with a firewall (please see [firewall guide](https://www.spigotmc.org/wiki/firewall-guide/)).
+
 Source
 ------
 Source code is currently available on [GitHub](https://www.spigotmc.org/go/bungeecord-git).