Authorized Serial Account Protection: Difference between revisions
(`Quick start` first as the MTA server directs players to this page when they can't log in) |
(fixed wrong ending xml-tag) |
||
(6 intermediate revisions by one other user not shown) | |||
Line 1: | Line 1: | ||
= | =FAQ= | ||
==Help, I can't login (game)== | ==Help, I can't login (game)== | ||
To allow the last attempted serial, use the '''authserial''' command in the server console.<br/> | To allow the last attempted serial, use the '''authserial''' command in the server console.<br/> | ||
For example, to allow the last attempted serial for account ''MrBob'', enter the following command in the server console: | For example, to allow the last attempted serial for account ''MrBob'', enter the following command in the server console: | ||
authserial MrBob | authserial MrBob | ||
==Help, I can't login ( | ==Help, I can't login (HTTP)== | ||
To login to the HTTP web interface, the IP address has to be authorized. | To login to the HTTP web interface, the IP address has to be authorized. | ||
To authorize an IP address: | To authorize an IP address: | ||
Line 23: | Line 23: | ||
==How to disable== | ==How to disable== | ||
Open '''mtaserver.conf''' and find ''<auth_serial_groups>'' and change to below | Open '''mtaserver.conf''' and find ''<auth_serial_groups>'' and change to below | ||
<auth_serial_groups></ | <auth_serial_groups></auth_serial_groups> | ||
'''Note''': Authorized Serial Account Protection helps prevent your server from getting hacked. If there is a chance any of your admins are using the same password on other servers, then do not disable this feature. | '''Note''': Authorized Serial Account Protection helps prevent your server from getting hacked. If there is a chance any of your admins are using the same password on other servers, then do not disable this feature. | ||
==How to use== | ==How to use== | ||
Line 32: | Line 32: | ||
To remove the newest authorized serial for an account: | To remove the newest authorized serial for an account: | ||
authserial <account_name> remove | authserial <account_name> remove | ||
To enable HTTP login from an unauthorized IP, use the following command to get a 7 digit code which should be appended to the HTTP login password ''(Requires server version 1.5.4-9.11302)'' | |||
authserial <account_name> httppass |
Revision as of 16:11, 8 May 2017
FAQ
Help, I can't login (game)
To allow the last attempted serial, use the authserial command in the server console.
For example, to allow the last attempted serial for account MrBob, enter the following command in the server console:
authserial MrBob
Help, I can't login (HTTP)
To login to the HTTP web interface, the IP address has to be authorized. To authorize an IP address:
- Join the MTA server
- Login to the account
- Disconnect from MTA server (optional)
- Login via HTTP
Main documentation
Introduction
New from 1.5.3, Authorized Serial Account Protection provides a way to prevent password reuse causing damage to your server.
How to enable
Open mtaserver.conf and find <auth_serial_groups> and change to below. (If <auth_serial_groups> does not exist, then add it)
<auth_serial_groups>Admin</auth_serial_groups>
If you wish to protect other ACL groups, then add them separated by commas, e.g.:
<auth_serial_groups>Admin,SuperModerator</auth_serial_groups>
How to disable
Open mtaserver.conf and find <auth_serial_groups> and change to below
<auth_serial_groups></auth_serial_groups>
Note: Authorized Serial Account Protection helps prevent your server from getting hacked. If there is a chance any of your admins are using the same password on other servers, then do not disable this feature.
How to use
To allow the last attempted serial for an account, enter the following command in the server console:
authserial <account_name>
To view authorized serials for an account:
authserial <account_name> list
To remove the newest authorized serial for an account:
authserial <account_name> remove
To enable HTTP login from an unauthorized IP, use the following command to get a 7 digit code which should be appended to the HTTP login password (Requires server version 1.5.4-9.11302)
authserial <account_name> httppass