RCON Console hacker on my server.

As the title says, there’s someone on my server that can hack into my console and ban/unban people whenever he likes. He also revokes admins and even me. Is there anyway to stop this?

Set your rcon password from the command line and remove it from the server.cfg.

Are you sure this works, or is this just a guess?

I know there are a few expliots that allow people to get access to the server.cfg, so if you set your rcon password from the command line they can’t get to the rcon password.

Ideally you should never use RCon if possible, even if it is set via the command line.

If I don’t use rcon, does that mean I cant use server console? If that’s what it mean,s I’ll do it.

Mein Freund, usse PuTTY to be the Console.
Or use so hard password, that NOBODY could get it.

Also there is glitch with env_spawn (don’t remember exactly), which allows to “send” an entity, which changes RCON ut to hacker’s password.
Do aviod and disallow: sv_cheats ALWAYS to zero (0)

rcon_password “”

is it really that hard