Banning Issues..

Hi Guys,

2 questions really.

I had a player, who occasionally harasses my server, who managed to manipulate GMOD in some way to ban 3 players on my server.
The normal “Disconnected: Added to banned list” message was what they got.

I’ve encountered this before by accident, in that the players aren’t banned in any of the lists, and restarting my server resolved the issue and let people join again.

Question 1: Is there a way to stop a malicious player from manipulating GMOD to ban players on the server like this?

The second issue is about IP banning, I want to ban a single IP address from playing on my server.
I’ve tried using the banned_ip file, but it just doesn’t seem to work. I’ve put in addip 0 x.x.x.x

Before you post, please note I know that banning by IP is not recommended, but I’m 99% sure this guy has a static IP address.
I understand that if he does not, I may ban a minuscule number of players from accessing my server, on the off chance they get the same IP address from their ISP’s DHCP.
This is a small risk I am willing to take.

Question 2: I’ve never used the banned_ip file before, so basically asking if someone can explain to me if there is more I need to do to get it to work.

**1: **Sound like they got banned by Rcon for too many failed connections.
That is happening because the ‘hacker’ sends a link to the other players that opens the link and that site open multiple iframes with the server ip.
The only real fix for that is to turn of the rcon punishment. Look at the rcon commands here:

**2: **I’m not sure if it works but i think you just need to type in the ip (nothing infront). Also you need to restart you server.

Will disabling RCON stop people from getting banned from this method?
I’ve been contemplating just disabling RCON completely.

Although I do use it occasionally, maybe is just isn’t worth the extra hassle.

Yeah disabling rcon should stop that and is the only good fix.
The ‘exploit’ will probably not get fixed (if it’s possible) anytime soon.

The exploit can’t really be ‘fixed’. It’s a feature if anything, too many failed rcon attempts gives you a ban to prevent you from brute forcing. You can increase the limit or disable rcon.

Yeah, thanks guys.
I’ve decided to just disable RCON on my server. I’ll just have to live without the convenience of it, but at least it means the auto-ban can’t be exploited by people on the server to get others banned.

As for the banned_ip.cfg file, I’ve managed to figure it out on my lab server.
I just needed to add the: exec banned_ip.cfg command into the autoexec.cfg file.