There is an exploit with Bungeecord which allows users to spoof your UUID by pretending to join as you using a separate Bungeecord instance. To fix it, you need to install one of the following plugins on your non-Bungeecord servers:

BungeeExploitFix: https://www.spigotmc.org/resources/63280/
IPWhitelist: https://www.spigotmc.org/resources/61/
Proxy Fix: https://www.spigotmc.org/resources/55518/

Here are instructions on how to install each of the above plugins. You only need one.

BungeeExploitFix:

Download the plugin from https://www.spigotmc.org/resources/63280/ and put it in your Bukkit/Spigot servers.
Restart.
Done! Your server is now protected. You just need to join through Bungeecord once to each server to start it. You can configure it from the config.yml and then use /bef reload at any time.

IPWhitelist:

Download the plugin from https://www.spigotmc.org/resources/61/ and put it in your Bukkit/Spigot servers.
Restart.
Open the config file and add your server IP (excluding port) to the "whitelist" section.
Restart.
Done! Your server is now protected and you can configure the config.yml at any time to your liking and use /ipwl reload to reload it.



Proxy Fix:

Download the plugin from https://www.spigotmc.org/resources/55518/ and put it in your Bukkit/Spigot servers.
Restart.
Open the config file and add your server IP (excluding port) to the "valid-ips" section.
Restart.
Done! Your server is now protected and you can configure the config.yml at any time to your liking and restart the server to load the changes.

Was this article helpful?
Cancel
Thank you!