URL Link in chat = rcon attempt perma ban?

Today we had a sneaky guy in game saying “Have you seen this guys RDM video!” and linked to a tinyurl link.

A few players went to it and their client spammed rcon_password or something and they got a perm ban. Lucky for us we only do appeals/reports for bans/rdm via our forums, so I never went to it (which he was intending to troll)

Another server owner mentioned there was a LUA checker for this? I did a bit of a search and see some posts from Jan 2014 but can’t find an addon/fix for this? Apparently it checks any URL’s posted in chat?

Cheers!

Probably links to a site that will send RCon messages from your browser.

Not RCON messages, it’s simply 11 iframes to the server ip. That’s all it takes.

[editline]29th August 2014[/editline]

The only real way around this is either disable RCON on your server or filter out ALL links in chat.

And if you did want to do this, you could grab the code here http://forum.facepunch.com/showthread.php?t=1418268

Thanks for linking the solution, much appreciated!

What’s sorta funny is that it bans you even if rcon is disabled, the best you can do is disable links in chat or contact the owner of the source banner to request your server gets blacklisted.

Do you know what source banner was used?

Is there like a list of providers? It’s just some iframes to the server’s ip. I doubt anyone actually made a service of it??

Those are just 3 I could think of on the top of my head, the third one actually a paid one, kids pay 25$ so they can ban people from servers. I know of a few others that shut down as well.

wow this is terrible, selling this to kiddies ><

Do you mean it’s terrible that they’re getting effectively scammed? I think it’s a great thing, due to what they’re trying to accomplish. The entire thing depends completely on the ignorance of the victim/their likeliness to click a random link sent. I’m fairly sure that it’s detailed in the “Source Banner” description but from the headlines it certainly to advertise that you can ban anyone without lifting a finger :dance: I think that you really are as safe as we want to be on servers, don’t click links you don’t know are safe and filter them out if you’re paranoid and a server-manager.

theres no point in censoring the source banners, it took me a simple search of “source link banner”