3

EDIT: I am using cubecoders AMP to run multiple instances

I am looking to set up a public Minecraft server (well multiple off one machine actually). I am wondering if there is a way in which I can ensure security on my home network? I have seen mentions of allowing only Minecraft to access a port and nothing else but I have no idea how I would do such a thing.

I won't be giving out my public IP as I have sub-domains which they will enter into their MC client to connect. But I imagine they would still have access to my public IP. Will portforwarding 25565 on my router allow anything to use that port or JUST the server and is this a secure method of preventing hacking or any information on my personal computer being stolen

Improve this question
1

1 Answer 1

Reset to default
0

You could try putting your origin IP behind CloudFlare Spectrum (think: CloudFlare but for Minecraft* instead of websites), then your only other worry is ensuring you don't run malicious plugins or mods.

*Or any non-HTTP service, actually

As long as you only port forward 25565 (and any related ports as required), you should be fine. Security-wise, most routers default to moreorless block all incoming traffic unless it's as a response to something that came through your network (for example, you visiting a website; the website needs to send the data you asked somewhere, right?).

Take this analogy: If you don't tell people your address, how are they supposed to visit you?
The same principal exists in networking...
And if you don't want people to visit you... Why are you even inviting people to begin with? (Replace people with other people's computers)

Furthermore, Minecraft zero-days are unaffected by whether your source IP is revealed or not. If the machine is compromised, the intruder need only run a netscan (what is my ip lookup) and address is compromised.

Basically: make sure your Minecraft software is up to date and has security patches. Networking isn't an issue, unless you have other things exposed unnecessarily. Hole exists in software; not routing, which is already as secure as you can get (without blocking everything).

Alternatively, play only LAN (aka. all the players physically showing up at your physical house) or don't use your home network to host a server to be accessed from the internet and just rent a server off a host. They handle everything for you, including security.

Improve this answer
2
  • Just had a look at this and how people set it up etc, it seems pretty much the same is routing my IP through my domains with DNS anyway? Is there any additional benefit to cloduflare than how I've already set it up. Accessing my server now requires the domain instead of IP. Is cloudflare capable of masking my IP when they are connected or something?
    – TheGodlyGecko
    Commented Feb 1 at 12:21
  • Yes, that is literally what Cloudflare does; it forces people to connect through it (a proxy) instead of connecting directly to your home network. Also, no; DNS is basically assigning a human-readable name to an IP address; so, if your domain records point to your home IP, it's no different than just telling everyone that IP in terms of protection, just that it'd be easier/harder to remember. So, Spectrum is basically not-HTTP support.
    – aytimothy
    Commented Feb 1 at 17:54

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .