Change how to disable chat FAQ to be more clear

FedUpWith-Tech 2022-10-01 13:41:46 -04:00
parent 3ec99ef1c0
commit c869fe3132

10
FAQ.md

@ -33,11 +33,11 @@ I recommend setting this to 1,000 for mid-size server maps and 10,000 or greater
Re-download a fresh version and confirm it looks complete. This is a good time to check what the latest version is too
### 8) What are these weird `{jdni}` / `IaM5uchA1337Haxr-Ban Me!` messages I am getting from Dynmap?
### 8) How do I disable chat?
**A)** Some hacker online realized Dynmap webchat can be used to send messages to a Minecraft server log. These messages exploit a vulnerability called Log4J or Log4Shell. For sake a brevity these are exploits which allow hackers to run code on your server without your permission. If you haven't heard of these attacks recently here is [more reading](https://time.com/6128795/log4j-security-flaw/). If you are running the most up to date version of your server you are safe. I want to be very clear that Dynmap will not make you more vulnerable or protect you from this vulnerability. **The only way to protect yourself it to patch your minecraft server.**
If you want to make these messages go away you can disable the webchat by editing configuration.txt and commenting out all of the chat plugins.
**A)** If you want to disable chat either because you use another system or simply do not wish to use it, you can disable the webchat by editing configuration.txt and commenting out all of the chat plugins.
Here is an example of what that would look like, the lines numbers may be different for you and we only included the parts of the config relating to chat.
<details><summary>Original (Click to expand)</summary>
```yaml
@ -94,4 +94,6 @@ Here is an example of what that would look like, the lines numbers may be differ
149| # # Optional: send push button
150| # # sendbutton: false
```
</details>
</details>
If you are noticing strange messages such as:`{jdni}` / `IaM5uchA1337Haxr-Ban Me!` Some hacker online realized Dynmap webchat can be used to send messages to a Minecraft server log. These messages exploit a vulnerability called Log4J or Log4Shell. For sake a brevity these are exploits which allow hackers to run code on your server without your permission. If you haven't heard of these attacks recently here is [more reading](https://time.com/6128795/log4j-security-flaw/). If you are running the most up to date version of your server you are safe. I want to be very clear that Dynmap will not make you more vulnerable or protect you from this vulnerability. **The only way to protect yourself it to patch your minecraft server.** If you want to make these messages go away you can disable the webchat by following the above instructions.