I have a suggestion, and that is in glizer, the verified owner of a minecraft account, can in profile, populate a "only authorized" IP list. All servers running the glizer plugin will then kick the player if he joins from "incorrect" IP. The IP-list could accept the format 0-254.0-254.0-254.0-254/16-32 which would allow up to a B class network to be specified, and the IP list could for example hold a maximum of 10 IPs. IPs specified without /16-32 addition, would then be assumed to be /32. Also the glizer website could prevent players from logging in from "incorrect" IPs, and only way to reset this is to request a password reset via email, this will also empty the IP-list and allow connections to both glizer-running MC servers & glizer website from any IP. Thus, only way to hack a account protected by IP-security/anti-hack would be to gain access to the account owner's email account. This would greatly reduce the attack surface for all minecraft accounts registred on glizer, since even if a user would specify his whole ISP B-class network because dynamic IP, a hacker would need to sit on the same ISP to be able to hack the account. This could prevent people from being banned globally because they get hacked. Then hackers who hacks other person's minecraft accounts would not be able to join any glizer protected servers, because the account owner has specifically noted that this account is only permitted from these IPs.
AW: IP Security/anti-hack I do enjoy security-related features such as this one. Will players get some sort of notification once new stuff is added to Glizer? An announcement here on the forums maybe?
AW: IP Security/anti-hack Twitter and ingame. Feature is live - but you need to update the glizer server software
AW: IP Security/anti-hack Would you consider modifying Glizer so that it accepts domain names, too? I'd guess at least some portion of your players has a dynamic DNS host where they use a fully qualified domain name such as "something.cooldns.com". The domain name points to their router's external IP address. The address is updated either by the player's router or a piece of software running on one of clients in the local network. That would further limit the range of valid IP addresses. Well, actually limit it to one. I'm one of those players so I have a personal interest in this feature Others would surely benefit, too.
