Hello, is there an effective method to block and disable the /rcon_password command?
In the server.cfg file, I don’t have an RCON password specified, so it should be disabled. Unfortunately, after using the command, it becomes activated.
The issue I’m facing is that after entering this command, for example, /rcon_password 123, my RCON password becomes 123. I don’t use this feature and have no intention to. I’d like to secure this server from trolls and individuals with too much time on their hands.
Regarding removing the command itself, I don’t have that option as es_extended is obfuscated by .fxap.
This shouldn’t be useable from the client unless you have permission to (key owners gain all permission automatically) or your permissions are messed up.
Ehm your ESX should not be protected, it’s an free and open source resource.
1 Like
Unfortunately, I bought a package from an unscrupulous seller and there are many errors here that I’m trying to fix to provide a place for my friends to enjoy. And if I can’t limit this possibility, I’ll have to throw it away and put it together myself.
Until I use the /rcon_password 1234 command with rcon, you can’t connect, but if I enter the password, it automatically starts and grants access. That’s why I would like to permanently disable it if possible because unauthorized individuals have gained access to rcon in the past.
1 Like
Your issue is far more likely that the package from the “unscrupulous seller” has a backdoor than people guessing your rcon password…
1 Like
I hate to say it, but you’ve wasted your resources here - never, ever buy any freeware or “server packages” from people, it’s a horrible idea. They’re most certainly filled with issues and very much may have a backdoor or other malicious code in them.
It’s best for you to restart from scratch, using only official sources.
Good to mention that txAdmin has a recipe for ESX to get your started more easily, so you don’t have to do everything from scratch.
1 Like