files

  • not ftp i mean things like the mod config files so u can set mini map mods to allow any1 to tp to their waypoints without op and edit build height and things like that and ik its possible cause they already have a console and if they have that it wouldnt be hard to put a small program to allow people to open the config files and edit the server files without messing with their defaults cause they can have it set to write their settings over yours on startup

  • just request the mod, adding that would have security risks too
    and if adding mods to a modpack, they can't, they only add the modpack that already have the mod configured by
    the launcher it self
    and allowing edit the server files, will also have security risks

    Minecraft Player
    Just an adequate guy!

    :aternos: Member
    Always Happy To Help People

  • ok i can c u dont know coding so u wouldnt understand this but depending on how they code it using if then statements they could stop it from being a risk ik cause im a coder and i have done dome complicated stuff than that for other people. its a simple bit of coding that would make it a request permission to edit the files on your own server and allow them to review b4 changes are made and u clearly dont know as much about servers as you think so please just stop trying to prove me wrong u openly say ur not good at coding i went to school and got a few certificates for coding and programming so ik its not as hard or risky as u think it is

    • Official Post

    [Blocked Image: http://i2.kym-cdn.com/entries/…/000/000/554/facepalm.jpg]
    @gavin2death You dont understand the point.
    The problem is not the uploading or editing procedure. The problem is, that the uploaded mod or plugin is loaded into the server and executes code on our host systems.


    This has the consequence that people can upload mods or plugins

    • with suspicious code. (Aternos server are secured very strongly, but we don't need to enforce security risks)
    • which try to bypass our system. For example: faking slots to avoid that the server gets stopped, removing our brand from motd etc.
  • I couldn't access the config files until I started my server up, then when I went to "plugins and files" and clicked the name of the plugin and it worked.
    try running your server, then try to find the config files

  • even im not a coder i still understand, people don't need to be a coder to understand SECURITY RISKS

    Minecraft Player
    Just an adequate guy!

    :aternos: Member
    Always Happy To Help People

  • [Blocked Image: http://i2.kym-cdn.com/entries/…/000/000/554/facepalm.jpg]
    @gavin2death You dont understand the point.
    The problem is not the uploading or editing procedure. The problem is, that the uploaded mod or plugin is loaded into the server and executes code on our host systems.


    This has the consequence that people can upload mods or plugins

    • with suspicious code. (Aternos server are secured very strongly, but we don't need to enforce security risks)
    • which try to bypass our system. For example: faking slots to avoid that the server gets stopped, removing our brand from motd etc.

    i understand this but im trying to bring the point that u could make it so that when submitted it goes under review meaning u guys could still look for security risks and notify people that their requests have been accepted or denied ik it would take more effort but it would make it a more interactive experience for any1 using it
    it would also make it better to use as all of the mods people play with have similar things in their configs


    all im really wanting to be able to do is make it so using the minimap any1 can tp to their waypoints its literally 1 thing that needs changed in the configs

    • Official Post

    i went to school and got a few certificates for coding

    Certificates don't make a good coder, certificates don't make a coder at all, certificates just mean that you have a piece of paper for people who care. Here nobody cares.


    Maybe you haven't learnt that in your certificated lessons where you got a certificate, but time and money isn't endless in the real world (the one where people don't care about certificates).
    We make Aternos in our free time, so we all have another full time job or some still go to school and we don't get anything from this, it's just for fun.
    It is just simply impossible for us to review every piece of code in mods that users want to upload to our servers, we just don't have the time for that. If you have a certificate for mathematics, you can calculate that on your own, otherwise ask a certificated calculator. For your calculations: More than 10,000 servers are started every day and there are 8 team members. (Little hint: 8 < 10,000)

  • u know what your site is a piece of shit that is buggy as hell you know what stuff that in your calculator i was hired by bethesda for god sake u say im not a good coder i work on scriping for them all the time u guys could improve so much by doing small fixes to your coding and fyi certificates are where the real money is at that is what most jobs would hire u for over a dame degree i have over half a million in the bank can u say the same u piece of shit little snot nose kids i will be working on helping your compeditors become better than u ;) so fuck you you little cum gussler go 2 hell
    [Blocked Image: http://img.memecdn.com/you-amp-039-re-a-bitch_o_1747253.jpg]

  • [Blocked Image: http://i2.kym-cdn.com/entries/…/000/000/554/facepalm.jpg]
    @gavin2death You dont understand the point.
    The problem is not the uploading or editing procedure. The problem is, that the uploaded mod or plugin is loaded into the server and executes code on our host systems.


    This has the consequence that people can upload mods or plugins

    • with suspicious code. (Aternos server are secured very strongly, but we don't need to enforce security risks)
    • which try to bypass our system. For example: faking slots to avoid that the server gets stopped, removing our brand from motd etc.

    would a plugin that changes the server icon be considered "removing our brand from motd etc." where you said 'which try to bypass our system. For example: faking slots to avoid that the server gets stopped, "removing our brand from motd etc."'

  • these two reasons are just examples. But yes, changing the server icon would be the same.


    btw. The ability of changing the server icon will be added in future

    so could I use a plugin that allows says it can change my server icon, or do i have to wait until it's added

  • [Blocked Image: http://i2.kym-cdn.com/entries/…/000/000/554/facepalm.jpg]
    @gavin2death You dont understand the point.
    The problem is not the uploading or editing procedure. The problem is, that the uploaded mod or plugin is loaded into the server and executes code on our host systems.


    This has the consequence that people can upload mods or plugins

    • with suspicious code. (Aternos server are secured very strongly, but we don't need to enforce security risks)
    • which try to bypass our system. For example: faking slots to avoid that the server gets stopped, removing our brand from motd etc.

    Is it possable to have a systom for mods kinda like the plugins one? where you have a database filled with mods?

    • Official Post

    Our plugin system is based on APIs of bukkit and spigot. With these APIs we can automatically fetch the information about the plugins: descriptions, versionioning information, updates etc. and also automatically download the plugins from the desired platform.


    The problem is, that
    a) there's no official platform like spigot or dev.bukkit where mods are distributed
    b) also no platform can give us an API access, because they all have no API