@Lith You really honestly even need to worry about that, so long as you have a secure password for rcon or disable it, you are good to go, they are literally wasting there time. Think of you winning in the situation! 
1 Like
Definitely not vMenu. My server’s not using it, and we’re getting the error. It’s clearly just someone going server-to-server, trying to guess passwords, probably finding them via the server bazaar.
1 Like
You can get a list of all servers, IP’s and more from a public FiveM API, it is what it is, script kiddies have no life, so they brute force, and succeed sadly, and keeps them going. Probably will die down in a few days. To make it clear, it’s not FiveM’s fault, but the API allows them to grab IP’s & ports, which obviously is what you need for rcon, from there, the brute force begins. Just use a secure password and you’re good to go!
1 Like
Does someone trying to bruteforce affects my server performance?
1 Like
No it does not.
3 Likes
Second this, I’ve literally had NO performance impact, just a cluttered console output, which I can live with.
2 Likes
Just changed the rcon password to a 20chars one and seems to stop the thing
fewh glad im not the only one having this issue, i was the middle of putting in a few scripts then it started freaking out.
1 Like
Happen in my server too…
And make hitch warning over 4000 
1 Like
good thing no ones ever gonna guess bishlasagna… dammit!
1 Like
I’m getting same issue on my servers.
This is why I switched to a host with DDoS protection and my server has a 10Gbps connection, so good luck ddosing it lol. Don’t think any of the script kiddies on fivem can take it down.
It’s not a DDOS( distributed denial of service attack ). It’s an attempt to brute force an rcon password as has been mentioned something like 20 times in this thread now. A dial-up connection could handle the throughput this attack is requiring.
Didn’t say it was. He was saying his server was getting DDoSed as well, so thats why I said that…
How Fix Problems ?
I also have a 10Gbps second port, the connection speed alone, won’t stop someone from attacking you, and since I run Linux I was able to mititage the DDoS attack that I received swifty through iptables. If only my company would do more lol, we are switching to another host when our billing period is up. Null routing IP’s is a “easy” way to fix someone getting DDoS attacked, and for them to not do something useful. Oh well.
There are no problems to fix, reading up, there is nothing you can do except have a secure rcon password, or disable rcon.
1 Like
yea it just started over here now
1 Like
Me to guys Zap hosting after every restart and sometimes can’t join server is says vrp indentification error then i sometimes i return home i see server is closed. I also get massive invalid password and i have DDOS manager but the same thing server closes randomly.
1 Like
blah blah blah its a bruteforce attack here you go
1 Like
Wow, Good find! Yeet. LOL that Topic though. It’s been established that this is a brute force. Secure your password, move on. Enjoy.
- Bad management of group policy on VPS machines
- Running your FiveM server off of the root(linux) or account within the Administrator localgroup on your windows machine
So what if it’s not a VPS? Even if you run your server off of “root(linux)” how can they gain access through rcon? Again, SECURE or DISABLE your rcon password and life is great. Let them waste their time.
That topic doesn’t even talk about brute force.
1 Like