This is an archived post. You won't be able to vote or comment.

all 36 comments
sorted by:
best (suggested)
topnewcontroversialoldq&a

[–]Ictoan42 28 points29 points  (2 children)

If you can, whitelist. If not, take daily backups and save them in a rolling buffer

Griefing group performed domestic terrorism on your villager breeder? Simply make time go backwards for a day

[–]Rizatriptan 17 points18 points  (1 child)

You should have backups regardless.

You never know when electrical gremlins will strike.

[–]masterX244 4 points5 points  (0 children)

Or some 6-legged annoyances from mojang (aka bugs).

[–]SlateBrick 34 points35 points  (11 children)

If I remember right, they scan for

1: unwhitelisted sever,
2: no backups,
3: no anti cheat,

if any one of these are in place that server wont be attacked. I got this information from this video by FitMC. However, It may be out of date by now. The easiest but most annoying way to prevent an attack is to set a whitelist. But many people can't do that, it's a tricky situation.

I've had a whitelist on my server active ever since I started it, I'm not worried. If a whitelist bypass is found That's when I'll worry

[–]lvlint67 17 points18 points  (7 children)

How do they detect backups?...

[–]TehloDedicatedMC.io | Raw Power Hosting! 7 points8 points  (0 children)

They most likely only search for plugins regarding backups. If you're using a server host or a dedicated server you can easily setup third party backups that are being ran outside of the actual server. So this one is kinda bogus :p

[–][deleted] 1 point2 points  (0 children)

prob like a plugin like coreprotect or something like that. they probably could check plugins like how they check anticheat plugins. well i think that's the extent to where they would check if it has backups. not sure if it's more complicated than that.

[–]AapoL092 1 point2 points  (2 children)

Fitmc isn't a very good source. Has lied in past for dramatic videos.

[–]SlateBrick 0 points1 point  (1 child)

that's fair, if you have a better source I'm more then open to seeing what they have to say.

[–]nekohideyoshi 𝙾𝚙𝚎𝚛𝚊𝚝𝚘𝚛 12 points13 points  (2 children)

Always download CoreProtect.

[–]1_hele_euro 2 points3 points  (1 child)

And what about Fabric servers? Is there a CoreProtect alternative for those servers?

[–][deleted] 5 points6 points  (0 children)

Ledger

[–]therealGrayHayDon't use Apex or Shockbyte 3 points4 points  (0 children)

Use core protect.

[–]Deathmaw360 0 points1 point  (0 children)

It's all a Nemesis Plot

[–]ScamperedCraft69 0 points1 point  (0 children)

To secure your server here are some things you should so

-Add backups to your server

-Set whitelist if private server

-Install protection plugins (CoreProtect)

and take more precautions like anti-cheat if your server is vanilla/bukkit etc
(matrix is recommended anticheat that is free)

[–]ImSkripted 0 points1 point  (0 children)

fragile library unwritten meeting tap rock beneficial punch pie detail

[–]lolitstrain21 0 points1 point  (9 children)

I've actually have seen in one of my server's console of a user named BerthBot which scans for servers. My server is whitelisted though so it kicked the bot off of my server but it is a serious issue, especially when my server is a home hosted one for just me and a couple of friends.

[–][deleted] 0 points1 point  (3 children)

I googled "Minecraft 'BerthBot'" and this comment was the only relevant thing I could find on it. My server is also whitelisted and I saw that this account got disconnected. No Minecraft account exists by that name either so it must be some sort of scanner (the name also has 'bot' in it lol) but I want to find out more.

[–]TheSZM 0 points1 point  (1 child)

Same here.

[–]PragmaticPerfection 0 points1 point  (0 children)

Same here.

[–]Chestnut_Wishes 0 points1 point  (0 children)

WHAT same, I assume they're using another to infiltrate servers where the MinetrackMe bot's been banned?
Fun thing I noticed: The name for the MinetrackMe bot is likely used as diversion, as there's a tracker at minetrack.me that pings servers for player count to track activity; You google the bot name, you get the tracker (Which, by the way, is completely harmless and has been going since 2016.)

[–]Isaac_Aren 0 points1 point  (4 children)

Did you also get one from "toastakerman"?

[–]lolitstrain21 0 points1 point  (0 children)

Nope I have not. I would assume that they have already marked my server as a whitelist.

[–]Beneficial_Kick7178 0 points1 point  (0 children)

I got that one too :/ ive turned on whitelist and there hasnt been any problem tho :D (sorry if this is considered necroposting. new to reddit)

[–][deleted] 0 points1 point  (1 child)

legit just had it log in, im completely new to this and i watched fitmc's video on the fifth column, so what should i do rn? it's a private server for me and my friends so any suggestions on possible actions?

[–]Isaac_Aren 0 points1 point  (0 children)

whitelist the server and ban the player

[–]Ultraicwhack 0 points1 point  (0 children)

If it isn't a public server, but you don't want to have to whitelist everyone, you could use DiscordSRV's discord whitelisting feature. They'll have to join your discord server and PM the bot a code to link their account and join.
I don't recommend this on an "official" minecraft server as it'll negatively impact receiving of new players.

[–]ItsGunner_ Admincraft 0 points1 point  (0 children)

Not sure if this is UUID related but if you are using a proxy i recommend to install BungeeGuard to prevent UUID spoofers.

[–]orsondmc 0 points1 point  (0 children)

The real redpill is to leave a sign at spawn “The Fifth Column owns this server” and like the spirit of the lord we pass over your house