My server.cfg gets downloaded from FTP!

My server has been hacked 5 times in 2 days. Basically what they do is download the server.cfg file.
And they start banning people, changing cvars, changing map, basically ruining my server.

I even found a whole “ToxicNuke” addon on my server, which I didn’t upload at all.

I’ve tried meta source with the plugin D-FENS but it seems to block the download of .dua files and crashes the GMOD client.

Server seems doomed.

Any news on this? :frowning:

Theres a really bad new server exploit. Id just close your server down until its patched.

Set up a FastDL server and do sv_downloadurl fastdl url on your server. Also set sv_allowdownload and sv_allowupload to 0, and copy the client’s engine.dll to your server’s.

Are there any guides on how to setup a FastDL? We’ve got a webserver and everything.

How can they hack your server config? Ono

Can you explain?

Theres a really bad new server exploit. Id just close your server down until its patched.

Whats the exploit?

Something you shouldn’t ask about because nobody will give it to you because you will just use it to do stuff like this.

D-FENS doesn’t do anything, I already had someone prove to me how shitty it is and that whoever made it is an idiot. :v:

You can bypass it pretty easily.

sv_allowdownload and sv_allowupload stops them downloading and upload but clients cant receive your files…

Even then gm_funcsolver can bypass it :v:

We had another attack, I’ve stopped the server until further notice.

They are uploading anything they wish, even with sv_upload set to 0.

We’ve got some very nice addons to our server now, all free of effort. :confused:
Things like ToxicNuke, Meatburner, Zapper all free within my RP…

After renaming the server.cfg to something unguessable, they now start to ruin my gamemode.
My guests can’t chat or switch jobs or whatever.

If this doesn’t get fixed quick, this can become the end of GMOD10.

The minges in WOTS have advanced into hackers. :stuck_out_tongue:

Hmmm…new machinima anyone? WotS 2 anyone?