Exploit on Bungee found and is being used to crash the proxy

Hi there!

So a user has been crashing my Waterfall server by sending many (around 50) requests to it every second, this makes it completely unjoinable and spams the console as shown in this log: https://pastebin.com/bHAuRCSy

How can I limit these requests, stop them entirely or fix this issue? He can do it to anyone running waterfall which is a big issue as it completely stops it from being useable, restarting it doesn’t fix it, you just have to wait for them to stop attacking.

Thanks.

1 Like

use fail2ban or something to firewall the connections, a plugin could theoretically use the newly added connectioninitevent to prevent connections in the case of being unable to access the firewall, but ultimatly, it’s the proxies job to listen to connections, and that’s what it’s doing