mirror of
https://github.com/SpigotMC/BungeeCord.git
synced 2024-11-30 14:13:47 +01:00
#2549 Add security / firewall warning to readme.
This commit is contained in:
parent
c26705e6b1
commit
783979b6b9
@ -9,6 +9,12 @@ Information
|
|||||||
-----------
|
-----------
|
||||||
BungeeCord is maintained by [SpigotMC](https://www.spigotmc.org/) and has its own [discussion thread](https://www.spigotmc.org/go/bungeecord) with plenty of helpful information and links.
|
BungeeCord is maintained by [SpigotMC](https://www.spigotmc.org/) and has its own [discussion thread](https://www.spigotmc.org/go/bungeecord) with plenty of helpful information and links.
|
||||||
|
|
||||||
|
### Security warning
|
||||||
|
|
||||||
|
As your Minecraft servers have to run without authentication (online-mode=false) for BungeeCord to work, this poses a new security risk. Users may connect to your servers directly, under any username they wish to use. The kick "If you wish to use IP forwarding, please enable it in your BungeeCord config as well!" does not protect your Spigot servers.
|
||||||
|
|
||||||
|
To combat this, you need to restrict access to these servers for example with a firewall (please see [firewall guide](https://www.spigotmc.org/wiki/firewall-guide/)).
|
||||||
|
|
||||||
Source
|
Source
|
||||||
------
|
------
|
||||||
Source code is currently available on [GitHub](https://www.spigotmc.org/go/bungeecord-git).
|
Source code is currently available on [GitHub](https://www.spigotmc.org/go/bungeecord-git).
|
||||||
|
Loading…
Reference in New Issue
Block a user