Dude seriously i’m getting so tired of this. My server got redirected to ANOTHER PERSON’S server multiple times when I first started it. So I got CAKE anticheat and they could no longer redirect our server… WELL 2 weeks later people can redirect our server again, not sure how because we have the same addons so I only guess it’s a new hack or something…

Anyone know what is going on? I’ve googled for hours and nobody seems to be talking about this. I have the LATEST version of cake anticheat and yet they still redirect my server.

Literally the ONLY addon I have on the server besides ULX and cake anticheat is the RDM MANAGER (http://forum.facepunch.com/showthread.php?t=1416843)

HOW AM I GETTING HACKED? This is so tiring and enraging as a server owner paying 50+ a month for no return just to be hacked.


(User was banned for this post ("all caps thread title + undescriptive thread title + flaming" - Orkel))

Reinstall a fresh server.

cake doesn’t deflect everything, especially if they have ftp access to your server lolol.

try to change your ftp password.

Do you set your rcon password in the server.cfg?
Set it in the command line.

Nobody has FTP access dude, i’m not a noob here. I know how to secure a linux server just fine.

[editline]30th October 2016[/editline]

It is indeed set in server.cfg… is that an issue? If so i’ll just block the TCP protocol by IP so only my IP can access RCON. But you can’t redirect a server with RCON, can you?

[editline]30th October 2016[/editline]

Get out of here bro

no one will be able to re-direct your servers unless they got access to it (ftp or rcon).

Anyways rcon can be downloaded if in server.cfg put it in your command line instead.

Do you have a workshop collection on your server or any workshop addons?

Is it just you being redirected or all players?

All players. I have a workshop collection FOR the server that it uses. Like I said in the post, I only have 3 addons which are highly trusted by everyone.

Are you sure you are using the official versions? (Linking your collection may help)

Has anybody else had access to the ftp in the past that could of uploaded something malicious?

Here is my collection: http://steamcommunity.com/sharedfiles/filedetails/?id=775987990

FTP is not available to anyone. This is a secure linux server running centos7. Nobody has access or has had access, ever.

The only addon i’m using not in my collection is this: http://forum.facepunch.com/showthread.php?t=1416843

I have only 3 mods!!1


I would extract the addons myself and check for backdoors but you have 98 items in the collection, any of which could possibly be backdoored.

I recommend removing maps/addons which aren’t used regularly and if the problem persists post the new collection link.

One of your addons is likely backdoored.

Are you retarded? You can clearly see everything in the workshop collection are only maps. Like jesus dude do some research before you shitpost.

Uh, you know he’s one of the main developers of Garry’s Mod??

I don’t care dude. My collection is comprised of only maps, which are highly rated in the workshop. Not too sure why he thinks I have tons of addons, he obviously either has glaucoma or is just dumb because anyone can take two seconds and see I have no addons in my collection but ULX.

As the maps are on the workshop it is possible for the uploader of the addon to the put a file in /lua/autorun/ that contains malicious code.

I’ve already checked that directory for malicious additions.

I give up. :suicide:

Just because its “highly rated” doesnt mean its not back doored. The amount of bots on the workshop upvoting things means ratings are unreliable as fuck anymore.

Also any one of those addons could be updated at anytime to include a back door.

If you’re not going to put any effort into figuring out your own issue then enjoy your redirect servers.

Are you using any leaked scripts or addons?