Sneaky
⚠️ Versions 1.0.11 to 1.0.13 have an oversight allowing unwhitelisted or banned players to still see MOTD and player list. This only affects servers with whitelist on. I made a mistake in adding players to the allowed list too early in the signin process. It's unlikely that this was abused on a wide scale as it still required successful authentication with Mojang (on Online-Mode servers). 1.0.14.1 is available for all affected Minecraft versions
Sneaky anonymises your server from server scanners like Copenheimer, Shodan or ServerSeeker by only showing server info to players who have previously joined.
Sneaky has other options to protect your server including disabling logs for unauthorised players, and ratelimiting the creation of new connections.
Configuration
The configuration is stored in config/sneakyserver/config.properties
hide-server-ping-data
: (Default: true) Only sends server ping data to known players
hide-player-list
: (Default: false) Sends server ping data to unknown players, but doesn't send a user list. Only works when "hide-server-ping-data" is false.
dont-log-unauthed-client-disconnects
: (Default: false) Prevents the server from logging failed offline-mode player logins. Prevents logs when the client closes the connection. Example of a server being spammed with offline mode logins: https://www.reddit.com/r/Minecraft/comments/12ip3gd/who_is_shepan/
dont-log-unauthed-server-disconnects
: (Default: false) Prevents the server from logging failed offline-mode player logins. Prevents logs when the server closes the connection
rate-limit-new-connections
: (Default: true) Enables a rate limit for clients creating new connections.
new-connection-rate-limit
: (Default: 7) Connection limit over 15 seconds. If a client exceeds this limit new connections will be closed.
disable-query-until-login
: (Default: false) shows the server as offline before the first time a player joins
disable-legacy-query
: (Default: true) disables legacy ping used by clients older than Minecraft 1.6
disable-connections-from-banned-ips
: (Default: false) closes connections from banned IPs before reaching login logic. May be incompatible with BungeeCord or Velocity
Hiding ping data
Sneaky hides server info by keeping a list of IP addresses of known players and their last join date, only allowing known players to receive the real server info, and appearing as an unconfigured server with no player activity to server scanners and players who have never joined. this feature is meant to be a no compromise alternative to vanilla's hide-online-players
feature, allowing members of a server to see relevant information without leaking that information to scanners or un-whitelisted players (in the case of a whitelisted server)
Before joining
Before first joining, players and server scanners see a generic, unconfigured server with no player activity
After joining
After their first join, players will see the real MOTD, server icon, and online players list