Ulysses

General => Off-Topic => Topic started by: The Asian Aimbot on March 05, 2017, 02:46:30 PM

Title: Help Hardening SRCDS server
Post by: The Asian Aimbot on March 05, 2017, 02:46:30 PM

I've followed a guide from Allied Modders on hardening my server, any other tips? Thanks! :D

Title: Re: Help Hardening SRCDS server
Post by: JamminR on March 05, 2017, 07:30:12 PM

Link, so our community can review before making tips you may have already done?

Title: Re: Help Hardening SRCDS server
Post by: iViscosity on March 05, 2017, 08:34:47 PM

https://wiki.alliedmods.net/Srcds_hardening

Since he didn't reply, I'd ASSUME this is what he's talking about. If not, please correct me but this is what I found after searching 'Allied Modders srcds hardening'

Title: Re: Help Hardening SRCDS server
Post by: MrPresident on March 05, 2017, 09:52:40 PM

sv_allowupload 0
sv_allowdownload 0
sv_allowcslua 0

Don't give FTP or RCON access to ANYONE other than yourself. I don't care if you think you trust them. I've seen so many issues of "my co-owner did this" etc etc etc
Don't put your RCON password in your server.cfg file. Put it in your command line, or don't have rcon.

Don't use workshop addons.
Don't use addons at all.. (I know this isn't really realistic.. but just know that anything you didn't make yourself COULD potentially have a backdoor, so only use trusted/vetted addons)

Don't give admin access to anyone you don't trust explicitly.
Don't allow admins things like ulx ent or ulx rcon.

That's about it really. I can't think of anything else.

Title: Re: Help Hardening SRCDS server
Post by: The Asian Aimbot on March 07, 2017, 05:06:29 PM

Quote from: JamminR on March 05, 2017, 07:30:12 PM

Link, so our community can review before making tips you may have already done?

Quote from: MrPresident on March 05, 2017, 09:52:40 PM

sv_allowupload 0
sv_allowdownload 0
sv_allowcslua 0

Don't give FTP or RCON access to ANYONE other than yourself. I don't care if you think you trust them. I've seen so many issues of "my co-owner did this" etc etc etc
Don't put your RCON password in your server.cfg file. Put it in your command line, or don't have rcon.

Don't use workshop addons.
Don't use addons at all.. (I know this isn't really realistic.. but just know that anything you didn't make yourself COULD potentially have a backdoor, so only use trusted/vetted addons)

Don't give admin access to anyone you don't trust explicitly.
Don't allow admins things like ulx ent or ulx rcon.

That's about it really. I can't think of anything else.

I've used this tutorial here: https://forums.alliedmods.net/showthread.php?t=189327

Quote from: MrPresident on March 05, 2017, 09:52:40 PM

sv_allowupload 0
sv_allowdownload 0
sv_allowcslua 0

Don't give FTP or RCON access to ANYONE other than yourself. I don't care if you think you trust them. I've seen so many issues of "my co-owner did this" etc etc etc
Don't put your RCON password in your server.cfg file. Put it in your command line, or don't have rcon.

Don't use workshop addons.
Don't use addons at all.. (I know this isn't really realistic.. but just know that anything you didn't make yourself COULD potentially have a backdoor, so only use trusted/vetted addons)

Don't give admin access to anyone you don't trust explicitly.
Don't allow admins things like ulx ent or ulx rcon.

That's about it really. I can't think of anything else.

Thanks a lot!