Due a lot of botters are in way be ensure to have root to protect you low layer with iptables!

https://javapipe.com/blog/iptables-ddos-protection/



Also, remember to increase socket files-limit, so you can absorb more sockets.

https://stackoverflow.com/questions/880557/socket-accept-too-many-open-files/32699260#32699260



A new update of NullCordX has been rolled out ->

• Implemented 1.20 support
• Implemented the ability to specify the path to the file on the current host for the proxy scraper feature
• Implemented new caching motd mode that theproxy will call ProxyPingEvent itself and store the result globally for some configurable time
• Improved messages for easier license information
• Fixed geyser support without modify configuration
• Fixed a bug due to which sometimes it was impossible to create a dump
• Fixed player kick messages if the player was kicked after checking on the filter when trying to connect to the server
• Fixed "connect-to-filter-only-on-attack" mode
• Fixed some throthle issues by increasing some settings
• Netty 4.1.93

Now geyser works without disabling "disable-compression" I recommend you to re-enable it for higher performance

Due a lot of botters are in way be ensure to have root to protect you low layer with iptables!

[url]https://javapipe.com/blog/iptables-ddos-protection/[/URL]



Also, remember to increase socket files-limit, so you can absorb more sockets.

[url]https://stackoverflow.com/questions/880557/socket-accept-too-many-open-files/32699260#32699260[/URL]



A new update of NullCordX has been rolled out ->

• Implemented configurable AntiProxy/AntiVPN system with custom proxy check service
• Added dump command. Now you can easily export all existing configs and other information and provide it to us if necessary
• Added the ability to set the maximum nickname length when decoding a packet
• Implemented all players by default on the filter have a levitation effect that will not allow them to switch flight mode during captcha
• Added transparent rendering layer for captcha. Now you can make some pictures translucent.
• Added ability to create render layer templates for captcha. Now you can create several identical layers but with different settings and draw captcha in different ways.
• Added the ability to create templates for antibot checks. For example, now you can create several fall checks but with different settings.
• Improved Ping check system + added some new ones
• Now live statistics show your current ping to the proxy
• Improved configuration system (Elytrium one) that includes configuration backups and fixeable settings
• Now country and proxy checks are templates. To use them, you need to add them to the modes in the correct order in the antibot.
• (Huge) Added check conditions for the antibot. Now you can configure whether the antibot should skip the check if the previous check failed or passed.
• Added the ability to set the chance of rotating frames for captcha puzzle
• Added the ability to block a player for a different amount of time, depending on how often he has failed the bot check lately and how exactly.
• Added the ability to disable saving data to the database
• Added the ability to configure external blacklist more flexibly. Now you can specify which specific commands and when should be executed when blocking the IP address
• Added ban command. The command does the same as the proxy when adding an IP address to the blacklist
• Added the ability to limit the number of players with the same ip addresses on the filter.
• Added ability to always apply offline uuid for all players.
• Fixed a rare situation where a proxy could connect the same players
• Fixed compatibility of built-in modules with other plugins
• Removed an invalid space if the statistics showed gigabytes
• Fixed a situation where a proxy could generate a captcha when it is clearly not used anywhere
• Fixed a situation where the player was not kicked if there was an error in the connection and the full-stracktraces mode was enabled
• Fixed situation when NullCordX-Bridge plugin could run on a proxy that is not NullCordX
• Fixed NullCordXApi.getInstance() returning null if NullCordXImpl instance was only loaded for the first time ever
• Fixed favicon not being temporarily removed from motd during a ping attack if some plugin always changed it via an event.

You will probably need to make a backup and reset your captcha.yml and antibot.yml configs to figure out how it all works again



If you have any question or problem hit us on -> [url]https://discord.gg/HhFxScZWAT[/URL]

hotfix

Can i buy with Cryptos?

Yes, all you have to do is to enter our discord and contact us to get the wallet.

⋘────────────────────↠∗∗↞────────────────────⋙

NullCordX is a fork of the well-known Waterfall to server teleportation suite built into fully protection & performance-boost even adding modern forge and bedrock standalone support (Probably most advanced on sale)



How the anti-bot works:

Not like other anti-bot systems we are non-Linux only based, if you are using an Shared host or Windows we have another module of blacklisted cached with netty. However, if you run the proxy as root, you'll get extra features like easy-and-fast mitigation of attacks via deniying connections using IPSet/IPTables.

• Human fake-lobby-> Advanced filter to verify any type of sent packet, the sentry of high-performant bots, you can configure it to work under attack only, or even disable it.
• Latency check -> System to add an limit of ping and kick it if is bigger. (Configurable limit)
• Join check-> If the player have never joined before and the server is under attack, will ask for re-join
• Nickname check -> Option to verify player names, such as repetitive, blacklisted and strange names.
• Proxy check -> NullCordX verifies the request to the server, and if is detected as proxy will be blacklisted.
• Direct-Connection-> If the software detects any strange loadup on connections will avoid connections that did not ping server list before joining.
• Advanced bot manager-> Checks if the entity its acting as a bot via repetitive tasks, movements and packets.
• Exception check -> Most of attacks are based on exceptions, this overloads the usage and floods the console, NullCordX caches them and deny that connection (you can limit e-connections and add/remove other packets)
• Internal checks -> Internal netty & anti-exploit checks with the purpose of not bothering the player.
• Multiple exception -> Most of "smashers" are based on spamming legit BungeeCord packets to the instance, you can limit and avoid them.
• Name blacklist -> This option is very good to avoid flooding of basic "ddos" systems with pre-based names without an alteration, the connection will be closed and blacklisted for the configured time.
• Favicon check -> Option to check any attempt of an invalid ping will blacklist the connection.
• Geyser checks -> If its enabled, some bedrock checks that are specifically for bedrock players will start working.
• Blacklist (via iptables/netty) -> Linux tool implemented to blacklist quickly bad TCP connections to avoid attack reach maximun performance, if you don't have access NullCordX will blacklist bots with netty cached-blacklist module.
• Uncompressed Login packets -> By limit on uncompressed packets before player logins and if and if it is exceeded, it will be thrown out.
• Invalid packet checking -> NullCordX verifies Minecraft protocol packets without trowing any exception and kicking instantly if is not recognised.
• Cloud system -> Through several time, NullCordX verifies if the connection is already blacklisted on the system.
• Proxy-sync -> Some networks need split proxy instance on more than one, NullCordX can sync the anti-bot data between them to avoid waste of performance.
• Packet-cache -> Waterfall has too many exceptions, but NullCordX has a system that caches most exceptions and packets, making the impact minimal.

Spigot Anti-Crash

Version 1.8 is quite old, and tends to have many problems with packet and netty security, causing crashes/lags with clients, people to fix it are using plugins that only are giving issues with other plugins, fake-detections and lag.

If your fork supports it like (Spigot/Paper/SuperPaper), the proxy will try to manage all packets.

On top of that is working in all versions to avoiding things like (GasClient, ToxicClient, PacketCrashers, Heaven) and all related clients.

The server admin can cancell the packet, or just kick it with netty > By default is working with netty to faster mitigation!

Proxy Secure Level

Waterfall opens up endless possibilities to new exploits that can consume all your resources and even throw the instance.

NullCordX is more than secure against this kind of attacks, and mitigates it instantly for as long as you configure it, you can be secure with exploits.

Legit Optimization

It is legitimately impossible to have a large server with Waterfall, as its consumption is very extreme with a large number of players in a single instance, this proxy is the most-advanced in performance boost.

NullCordX natively changes the Waterfall compression system to something more stable and performant, this is really util for large networks.

Boosted native-encryption usage with replacements

Not like other anti-exploit systems, we run all our anti-bot multithreaded, to load the balance into multiple tasks.

NullCordX avoid heavy copy of buf on Waterfall, this is not maintainable for the proxy.

On top of that, we added Tcp Fast Open (System to handle connections faster) between server and client. Which makes a proxy more effective.

Best frame-decoder for the proxy, improving the packet handle and security

If your spigot fork supports it, all the flushed packets would be handled by the proxy improving the performance scability.

Best compatibility & The most advanced fork

NullCordX is the most advanced fork in market with external compatibility, adding a lot of features that are not in market.

Our community likes to have modern things like the competition, that's why we have added multiple improvements respecting everyone.

Most of the Spanish community uses NullCordX since the main developer is Spanish, feel invited if you are too

Modern FORGE (1.13+): For now, the upstream does not currently support modern forge, and there are many servers that do need it, so NullCordX has implemented it in an efficient way, no fork with all these features has it.

Bedrock support: Bedrock has a lot of problems with anti-bot checks, logging and so on, if the administrator wants he can make any check to be skipped for bedrock players, also you can set the anti-bot time different from the java time.

DynDNS support. We have implemented a much requested feature, which is not yet in this market (Dynamic Domain Name System support) for those hosts that gives compatibility to in-house hosts, by default Waterfall does not support it.

nLogin support. This plugin is very good, and that's why we have supported using their cloud system and api to avoid verifying people who already did it once, besides that you can skip verifications for bedrock.

Hex system. As modern proxy NullCordX supports hexadecimal colours on all anti-bot checks for modern versions, default format.

Module system. It's a tiresome thing to have to download the modules in every BungeeCord update, we have them integrated as commands!

MOTD integrated. If is enabled, NullCordX will activate a system in which you can limit slots, configure favicon compression, player information, rgb and legacy color support, even disable motd and let the proxy cache requests. All this to have the best performance

Helly customizable. Almost +240 lines configurable, 3 types of data-bases, With NullCordX you can customize even the fonts/images of the anti-bot colours, even add gradient like:

Advanced AntiProxy, AntiVPN system.

Buyers enjoy a fairly extensive api updated every day with a fairly extended limit, to avoid rate-limit crashers.

You can also use different AntiProxy pages/licenses, but we have a cloud system to save all the proxies that are blocked, so that on another server they will not be used again.

In addition, you can block specific countries that tend to frequent many attacks (you can also activate it when an attack is detected).

IPTables firewall

IPTables is a Linux-only tool that allows you to modify all kinds of internet rules, and the best way that we can use to blacklist TCP connections.

If the server has ROOT permissions tool called ipset will be used that allows us to block lists and we can use it to block by time.

This way we can mitigate attacks much more quickly and efficiently without having to have a very good system.

Otherwise the server does not have it, will use default (netty-cached) blacklist system based on pipeline check.

Proxy improvements

We care a lot about security, that's why we have a debug mode, if something goes wrong you can report it and it will be fixed in a very short time.

If the instance crashes, we can see what's going on and check the packet type and fix it in minutes!

Very intense proxy scraper (100k+) per day, and we keep adding more pages so that most attacks are instantly invalidated.

Instantaneous mitigation for related to layer7 or netty, no performance loss.

By default, you can disable all checks, but if there is an attack and it is not completely disabled, it will still ask for them.

Thanks to our upgrades and login caching we can still handle premiun connections even if the Mojang api is down for some time.

The anti-bot plugins are not comparable with the proxy, since when using events the performance drops scalably, apart from the fact that natively it can hold much more.

Extense api for developers, you can get the instance of NullCordX, also you can detect the trigger of BotAttackDetectedEvent and PingAttackDetectedEvent to use it as you want.

More features

• All the anti-bot checks can be toggled, or configured to work only under attack
• AntiNullPing, AntiSmasher, AntiPing, AntiBot system all aplicable on all operative systems.
• Friendly and easy configuration to understand for new people.
• Hook into some plugins like (jPremium, DynamicBungeeAuth and SkinsRestorer) to avoid rate-limits.
• Not kernel based, we allow shared hosts to use the software without any limitation.
• Powerfull toggleable-logger system to avoid unwanted, and few random logs
• Supporting modern forge connections.
• Option to blacklist and whitelist countries.
• "Anticrash/antismasher" for spigot, Our bridge handles the packet before player hits spigot.
• Dynamic Domain Name System support
• Ability to see plugins used on proxy
• Ability to reload the proxy & the anti-bot system
• You can report & find any bug launching -DnullCordX.handleExceptions flag
• Hexadecimal support for all the proxy, even motd system
• Modules built-in, no more manual downloads!
• Ability to customize anti-bot images, fonts and regeneration time.
• Ability to customize what bad-packets should the proxy blacklist under attack
• Cached netty blacklist module for not-linux operative systems
• UTF-8 support for messages of Waterfall (Mostly for asian servers)
• Customizable cached-motd system, very recommended
• Command to generate new captcha (When you want)
• Auto-download of messages.properties, you don't need to manually create it
• No fake triggers, the anti-bot is smart depending on the network.
• Ability to see hardware usage, such as (CPU, ram, tasks) even on actionbar
• Ability to configure how database will work, such as Sqlite, Mysql ,HikariCP for external databases and PostgreSQL
• Ability to configure compression level, higher values will use more CPU and less traffic.
• Ability to use native motd system very configurable (Slots, player-info, cache, compression favicon and a lot more!)
• Ability to disable ConnectionInitEvent of Waterfall (Some plugins need it)

⋘────────────────────↠∗∗↞────────────────────⋙
Due a lot of botters are in way be ensure to have root to protect you low layer with iptables!
https://javapipe.com/blog/iptables-ddos-protection/

Also, remember to increase socket files-limit, so you can absorb more sockets.
https://stackoverflow.com/questions/880557/socket-accept-too-many-open-files/32699260#32699260

Every day we are the most advanced in the human filtration industry...

A new update of NullCordX has been rolled out ->

• Added 1.19.3 support, totally tested
• Added the ability to change the maximum and minimum framed captcha size.
• Added forwarding system (This totally replaces the usage of BungeeGuard or similar!)
• Animated framed captcha are now more optimized and require less traffic
• Added the option to be kicked into the lobby in a backend crash
• Added on startup the used Java version and OS information
• Removed totally legacy-decoder from discard-handler
• Usage of Int2ObjectOpenHashMap and replace of Guava i.e
• Fixed problems with nLogin on UUID before PreLogin fires
• Added the option to make configurable the path of server-icon
• Fixed legacy Sponge/Forge support with ip_forwarding
• Added the option to reset titles on upstream-handler
• Add the ability to change live statics and add CPU live statics
• Improved live statistics, now you can view separately upstream and downstream network statistics and cpu statistics
• Now the color palette will be loaded into memory when it is required to generate a captcha, saving somewhere around 64 MB of memory
• Slightly speed up captcha generation by pre-rendering fonts
• Used ForkJoinPool when loading nullcordx components to use all CPU cores to speed up proxy loading
• Added the ability to fully customize the arithmetic code generator for captcha
• Added StaticManagers API for NullCordX
• Fixed custom ReconnectHandler (wasn't saving locations)
• Updated netty to latest (Released yesterday)
• Added api to get mapdata packets and holders of all types of captcha
• Added animated framed puzzle
• Added manual protection mode

If you have any question or problem hit us on -> https://discord.gg/HhFxScZWAT
On top of that, 1.19.3 was pre-released on the discord (same day as released), if you're a buyer join!
⋘────────────────────↠∗∗↞────────────────────⋙

Due a lot of botters are in way be ensure to have root to protect you low layer with iptables!

https://javapipe.com/blog/iptables-ddos-protection/



Also, remember to increase socket files-limit, so you can absorb more sockets.

https://stackoverflow.com/questions/880557/socket-accept-too-many-open-files/32699260#32699260



A new update of NullCordX has been rolled out ->

• Add the possibility of very flexible captcha settings. Now you can customize the rendering layers and change the appearance of the captcha to your taste
• Implemented Fast-fall check for large networks (2-3s verification)
• Improved fall check, now bots need to process the correct fall on solid blocks
• Added the ability to use dithering in captcha
• Add ability to use multiple gifs for captcha
• Add ability to reverse animation for gifs
• Live statistics now show current network usage (IO-in/out)
• Now built-in modules from Waterfall are plugins and are loaded as usual. You can disable them in the config.yml
• Fix missing action bar for <=1.10 clients in filter
• Fix bug when live stats sends a gigantic amount of action bar packets
• Fix server list loading, add ability to load servers using ranges and add command "greloadservers" to reload servers list from config
• Now exception "Team %s already exists in this scoreboard" always suppressed.
• Changed some debug flags (-Dshieldcommunity.packet-decode-logging)
• Removed useless Pipeline stacktrace information & Fix legacy-decoder leak

If you have any question or problem hit us on -> https://discord.gg/HhFxScZWAT

⋘────────────────────↠∗∗↞────────────────────⋙
Due a lot of botters are in way be ensure to have root to protect you low layer with iptables!

Also, remember to increase socket files-limit, so you can absorb more attacks

A new update of NullCordX has been rolled out ->

• Added framed captcha (Like google/discord captcha), also works with animated gifs
• Added more colours for captcha.yml
• Update upstream (Waterfall)Waterfall
• Improved unframed-connections detection
• Improved captcha generation, now only will regen for verified players
• Added a UserCheckedSuccessfullyEvent that only fires when the player has successfully passed the check
• Fixed compatibility with sodium (configurable)

This update needs a reset of antibot.yml and config.yml to work properly
On top of that, review us if you liked our work, it really helps.
⋘────────────────────↠∗∗↞────────────────────⋙

Fixed Wrong file

Due a lot of botters are in way be ensure to have root to protect you low layer with iptables!



Also, remember to increase socket files-limit, so you can absorb more attacks

https://stackoverflow.com/questions/880557/socket-accept-too-many-open-files/32699260#32699260

A new update of NullCordX has been rolled out ->

• Fix memory usage when packet caching with MOTD
• Fix StatusRequest packet (broke by a change on the protocol)

On top of that, review us if you liked our work, it really helps.

Due a lot of botters are in way be ensure to have root to protect you low layer with iptables!



Also, remember to increase socket files-limit, so you can absorb more attacks

https://stackoverflow.com/questions/880557/socket-accept-too-many-open-files/32699260#32699260

A new update of NullCordX has been rolled out ->

• Captcha generation speed up (fixed problem with closing libdeflate which slowed down generation)
• Updated libdeflate + netty workers
• Added detection of spam attacks (attacks that do not complete the handshake process to the end)
• Removed support for pings below 1.7 versions (super-legacy)
• Added the ability to disable connections for certain versions of the client (configurable)
• Added information about the number of open connections to the statistics
• Added ability to create captchas with animated background (gif-only)
• The check system for a bot has been rewritten, now you can specify several checks in a row at once
• Added the ability to change the player's spawn point, the slot in which the captcha will be placed and the time on the filter
• Implemented new FlushConsolidationHandler (https://github.com/SpigotMC/BungeeCord/pull/3393)
• Improve malicious username detection on protocol
• Verify if status response is null and cache the exception

Please, remember to reset your antibot.yml and motd.yml configuration or migth a warning will spam your console.