[Mod] VPS Blocker [vps_blocker]
-
- Member
- Posts: 70
- Joined: Wed Dec 21, 2016 04:13
- GitHub: ruslan1-dev
- IRC: Ruslan1
- In-game: Ruslan1
Re: [Mod] VPS Blocker [vps_blocker]
As far as I am aware only the operator(s) of the server will be able to see their IPs, not even full privileged players on the game server itself can view the logs and therefore cannot see IPs.
As far as I aware the server does not send this data back to the client.
So I feels this "reason" is nullified.
As the old saying goes, you win some, you lose some, what matters more is what are you losing and how often?
Personally I rather "lose" a number of "legit" players than deal with possibly more trolling, unprotected griefers if not even outright harmful players. Even if hypothetically speaking you are rejecting "40%" of the good players, I rather not deal with the other 60% of bad players.
As for dynamic IPs, I am on one and my rarely ever changes, even a router reboot may not even change it! Every ISP is different but even then it's lesser threat in my opinion than VPN users may pose.
- Linuxdirk
- Member
- Posts: 3219
- Joined: Wed Sep 17, 2014 11:21
- In-game: Linuxdirk
- Location: Germany
- Contact:
Re: [Mod] VPS Blocker [vps_blocker]
How does blocking VPS users help with that? Better use proper protection, only manually assigned privileges, a rollback system, and strict chat moderation.
Re: [Mod] VPS Blocker [vps_blocker]
Because it's best automated tool at admins' disposal at this time that removes at least a decent number of risky players.
Think of it why eCommerce stores, service providers and so on block VPNs, risky countries and so on. Same idea here. Yea you will "lose some along the way" as with any automated pre-screening but let's be honest, by large how many VPN users are "legit"? As I said I almost certain there usually bad>good ratio of VPN players.
Re: [Mod] VPS Blocker [vps_blocker]
Trying to answer...
If you have a server with players which loose everything when they get banned like normal survival servers, you don't really need such a mods as this can be used to pressurizing medium. :) And on the other side they first need stuff for grieving or other rule abuses.
But if you have for example a mini game server it doesn't matter how old the player is. The damage is the same.
About steeling players accounts: Especially on the old 0.4.17 servers are a lot of mobile players with default passwords which can be easily used. :(
BTW: Censorship bypassing VPNs often doesn't support UDP which is used by minetest
About token login validation login and so on: Basically a good idea but just not the goal of this mod :)
Would also need support on the client-side which makes it a lot harder to implement.
The stats of iphub.info tell me that you don't lose so much players.
Maybe, but it's pretty accurate (in my case).
It's the Problem, I will mention multiple times in this answers.Sokomine wrote: ↑Thu Jul 23, 2020 19:08Can't be a good friend if his account is stolen and used for miscevious things. And if the accounts are that lightly protected against abuse (that is: almost not at all), then the server and its players have other problems and ought to encourage passwords first.
With all the abuse going on by governments pretending it's to prevent terrorism but in reality just pretending to do something so that older people feel safer and elect them again (with the side (?) effect of large companies getting more data for free) I feel it gets more and more important to encourage internet users to protect their privacy.
Banned players trying to rejoin is usually just a matter of a couple of hours. If said users would have been patient, there'd probably have been no reason to ban them in the first place because they'd also have known how to behave in general. A mod that puts some obstacles into the process of creating new accounts can relieve the moderators of a lot of work in those critical hours. But there's no need either to always check each IP of each already known player.
But then, wishes for mods are easy to state :-) Implementing them is much more work.
If you have a server with players which loose everything when they get banned like normal survival servers, you don't really need such a mods as this can be used to pressurizing medium. :) And on the other side they first need stuff for grieving or other rule abuses.
But if you have for example a mini game server it doesn't matter how old the player is. The damage is the same.
About steeling players accounts: Especially on the old 0.4.17 servers are a lot of mobile players with default passwords which can be easily used. :(
There are valid reasons to use a VPN sure but not on a minetest server. If your state does censorship you have different problems in my opinion.neoh4x0r wrote: ↑Fri Jul 24, 2020 01:23TL;DR Tracking players by ip address is a waste for time -- they can change. Need some identifier that is actually "fixed/static".
The reasons to use a VPN, as I see it:The point is that you can't have the good without the bad....you can't block bad actors without also potentially blocking good actors.
- Someone is being nefarious and wants to reak havoc on the server (they want to hide their real ip)
- Someone doesn't want other players to know their real ipaddress (for privacy reasons -- maybe doesn't want to give someone a target for a DDoS attack, etc)
- Someone is accessing the server from a location that does not allow it (eg. foreign countries, businesses, etc with firewall rules--the VPN cuts through the firewall).
Blocking VPN users as a matter of minetest server administration is the wrong way to administrate a server.
I will bet that most users that access a server will have a dynamic (non-static) IP that could change over time.
Furthermore,
Tracking a player by an ip address is a lost cause.
If they must provide "login" credentials then it would not be possible to have public servers.
I think the best way to identity repeat (or new) players would be to generate a special token, a string of characters, that will uniquely identity them.
The server will maintain a list of tokens associated with players.
If someone that was banned (for bad behavior) decides to delete this token, then it does not matter as a new token will be generated and if they misbehave again that token will also be flagged.
For the token not to be flagged they will have to honor the server rules (i.e. be a good citizen).
It might even be possible to encrypt the token server-side and then store on the client's system (to prevent clients from being able to read the token or manipulate it).
That is the only, right, way to do it...in my opinion.
BTW: Censorship bypassing VPNs often doesn't support UDP which is used by minetest
About token login validation login and so on: Basically a good idea but just not the goal of this mod :)
Would also need support on the client-side which makes it a lot harder to implement.
Try this old version if the new one doesn't work. Anyway I'm pretty sure it should work.
Ip changing seems to be very different for the different ISPsMineminer wrote: ↑Fri Jul 24, 2020 02:07As the old saying goes, you win some, you lose some, what matters more is what are you losing and how often?
Personally I rather "lose" a number of "legit" players than deal with possibly more trolling, unprotected griefers if not even outright harmful players. Even if hypothetically speaking you are rejecting "40%" of the good players, I rather not deal with the other 60% of bad players.
As for dynamic IPs, I am on one and my rarely ever changes, even a router reboot may not even change it! Every ISP is different but even then it's lesser threat in my opinion than VPN users may pose.
The stats of iphub.info tell me that you don't lose so much players.
I fully agree, it just as I said before depends on the type of server what makes sense.
- Miniontoby
- Member
- Posts: 616
- Joined: Fri Mar 01, 2019 19:25
- GitHub: Miniontoby
- IRC: Miniontoby
- In-game: Miniontoby
- Location: The Netherlands
Re: [Mod] VPS Blocker [vps_blocker]
Does this still works???
Re: [Mod] VPS Blocker [vps_blocker]
Sure, I'm currently using it on my own server!
-
- Member
- Posts: 316
- Joined: Sun Feb 15, 2015 07:14
- IRC: redneonglow redblade7
- In-game: redblade7 redblade7_owner
Re: [Mod] VPS Blocker [vps_blocker]
I've been having an issue with a griefer harassing me for over a year now. He uses VPN IPs from a variety of different countries to evade my bans. He's gotten particularly obnoxious lately, and I've had to put in a number of mods to help prevent him from causing trouble. I'm trying VPS Blocker too, but I have one question - what happens after the 100th/1000th login? Will it prevent future logins to the Minetest servers or will it bypass the lookup and let anyone connect? I'd rather the former happen.
-redblade7, admin of: THE CREATIVE GARDENS (creative), THE VALLEYS (sandbox), and THE DIGITAL FARMS (farming/hunger/shops)
Who is online
Users browsing this forum: Nininik and 17 guests