Server Security 2n145f
For Linux s 63543h
Never run your server as root because this can make your whole system vulnerable!
- CS2D crashes (or stops processing net requests) when it receives empty UDP packets. Use this IP-Tables rule to block empty packages:
iptables -A INPUT -p udp -m length --length 0:28 -j DROP--length 0:28 selects packets with a length of 0 to 28 bytes. 28 bytes is the UDP header size. Packets with a size of 28 bytes consist of header only and have no payload. CS2D does not use empty UDP packets but other apps might do so. In such a case you should limit the rule to the port(s) you are using for CS2D servers.
Important Settings 3t2642
The most important settings for server security: 6212q
- banusgn to ban these guys.
- sv_: The of your server. You should choose a long with letters and numbers if you don't want random people to . Otherwise keep it empty.
- mp_maxrconfails. It tells the game how often people are allowed to fail while logging in. Further attempts will be ignored. The default is 5 attempts which should be okay for most servers.
- mp_kickpercent: Controls how many votes are required to votekick players. Default is 0.66 = 66% of all players in the same team.
- mp_maxclientsip: How many players with the same IP are allowed on your server? Default is 5. You have to increase this value if many people from within the same network want to . Set it to 1 if you have problems with -flooders and fake players that have the same IP.
- mp_floodprot: This is a primitive attack protection against DoS (denial of service) attacks from one single source. Your server will cease to respond to UDP packet flooders automatically when this setting is enabled. Make sure that it is set to 1 (activated). You normally never have to disable this protection!
- sv_rcons!
- mp_reservations or Lua scripts that use the U.S.G.N. ID. It will make sure that the U.S.G.N. ID of players is correct before it allows them to .
- There is more: Full list of all security related CS2D settings
External Remote Control (RCon) 5lzn
External RCon is allowed as soon as you set an RCon . It allows to control your server without ing it. This can be done over a serverlist context menu or 3rd party tools. External RCon can be a risk because it sends your RCon unencrypted. It is recommended to always use sv_rcons which restricts RCon access and automatically disables external RCon as well.
Check your Logs bn3w
Strange things happen on your server? Check the log files! You can find all your log files in sys/logs/ in your CS2D folder.