1657807952773-png.520162

 

⋘────────────────────↠∗∗↞────────────────────⋙

NullCordX is a fork of the well-known Waterfall to server teleportation suite built into fully protection & performance-boost even adding modern forge and bedrock standalone support (Probably most advanced on sale)

https://www.youtube.com/watch?v=pjg1OzVj_GE&t=2s

How the anti-bot works:

Not like other anti-bot systems we are non-Linux only based, if you are using an Shared host or Windows we have another module of blacklisted cached with netty. However, if you run the proxy as root, you'll get extra features like easy-and-fast mitigation of attacks via deniying connections using IPSet/IPTables.

  • Human fake-lobby-> Advanced filter to verify any type of sent packet, the sentry of high-performant bots, you can configure it to work under attack only, or even disable it.
  • Latency check -> System to add an limit of ping and kick it if is bigger. (Configurable limit)
  • Join check-> If the player have never joined before and the server is under attack, will ask for re-join
  • Nickname check -> Option to verify player names, such as repetitive, blacklisted and strange names.
  • Proxy check -> NullCordX verifies the request to the server, and if is detected as proxy will be blacklisted.
  • Direct-Connection-> If the software detects any strange loadup on connections will avoid connections that did not ping server list before joining.
  • Advanced bot manager-> Checks if the entity its acting as a bot via repetitive tasks, movements and packets.
  • Exception check -> Most of attacks are based on exceptions, this overloads the usage and floods the console, NullCordX caches them and deny that connection (you can limit e-connections and add/remove other packets)
  • Internal checks -> Internal netty & anti-exploit checks with the purpose of not bothering the player.
  • Multiple exception -> Most of "smashers" are based on spamming legit BungeeCord packets to the instance, you can limit and avoid them.
  • Name blacklist -> This option is very good to avoid flooding of basic "ddos" systems with pre-based names without an alteration, the connection will be closed and blacklisted for the configured time.
  • Favicon check -> Option to check any attempt of an invalid ping will blacklist the connection.
  • Geyser checks -> If its enabled, some bedrock checks that are specifically for bedrock players will start working.
  • Blacklist (via iptables/netty) -> Linux tool implemented to blacklist quickly bad TCP connections to avoid attack reach maximun performance, if you don't have access NullCordX will blacklist bots with netty cached-blacklist module.
  • Uncompressed Login packets -> By limit on uncompressed packets before player logins and if and if it is exceeded, it will be thrown out.
  • Invalid packet checking -> NullCordX verifies Minecraft protocol packets without trowing any exception and kicking instantly if is not recognised.
  • Cloud system -> Through several time, NullCordX verifies if the connection is already blacklisted on the system.
  • Proxy-sync -> Some networks need split proxy instance on more than one, NullCordX can sync the anti-bot data between them to avoid waste of performance.
  • Packet-cache -> Waterfall has too many exceptions, but NullCordX has a system that caches most exceptions and packets, making the impact minimal.

Spigot Anti-Crash

Version 1.8 is quite old, and tends to have many problems with packet and netty security, causing crashes/lags with clients, people to fix it are using plugins that only are giving issues with other plugins, fake-detections and lag.

If your fork supports it like (Spigot/Paper/SuperPaper), the proxy will try to manage all packets.

On top of that is working in all versions to avoiding things like (GasClient, ToxicClient, PacketCrashers, Heaven) and all related clients.

The server admin can cancell the packet, or just kick it with netty > By default is working with netty to faster mitigation!

Proxy Secure Level

Waterfall opens up endless possibilities to new exploits that can consume all your resources and even throw the instance.

NullCordX is more than secure against this kind of attacks, and mitigates it instantly for as long as you configure it, you can be secure with exploits.

Legit Optimization

It is legitimately impossible to have a large server with Waterfall, as its consumption is very extreme with a large number of players in a single instance, this proxy is the most-advanced in performance boost.

NullCordX natively changes the Waterfall compression system to something more stable and performant, this is really util for large networks.

Boosted native-encryption usage with replacements

Not like other anti-exploit systems, we run all our anti-bot multithreaded, to load the balance into multiple tasks.

NullCordX avoid heavy copy of buf on Waterfall, this is not maintainable for the proxy.

On top of that, we added Tcp Fast Open (System to handle connections faster) between server and client. Which makes a proxy more effective.

Best frame-decoder for the proxy, improving the packet handle and security

If your spigot fork supports it, all the flushed packets would be handled by the proxy improving the performance scability.

Best compatibility & The most advanced fork

NullCordX is the most advanced fork in market with external compatibility, adding a lot of features that are not in market.

Our community likes to have modern things like the competition, that's why we have added multiple improvements respecting everyone.

Most of the Spanish community uses NullCordX since the main developer is Spanish, feel invited if you are too 

Modern FORGE (1.13+): For now, the upstream does not currently support modern forge, and there are many servers that do need it, so NullCordX has implemented it in an efficient way, no fork with all these features has it.

Bedrock support: Bedrock has a lot of problems with anti-bot checks, logging and so on, if the administrator wants he can make any check to be skipped for bedrock players, also you can set the anti-bot time different from the java time.

DynDNS support. We have implemented a much requested feature, which is not yet in this market (Dynamic Domain Name System support) for those hosts that gives compatibility to in-house hosts, by default Waterfall does not support it.

nLogin support. This plugin is very good, and that's why we have supported using their cloud system and api to avoid verifying people who already did it once, besides that you can skip verifications for bedrock.

Hex system.  As modern proxy NullCordX supports hexadecimal colours on all anti-bot checks for modern versions, default format.

Module system. It's a tiresome thing to have to download the modules in every BungeeCord update, we have them integrated as commands!

MOTD integrated. If is enabled, NullCordX will activate a system in which you can limit slots, configure favicon compression, player information, rgb and legacy color support, even disable motd and let the proxy cache requests. All this to have the best performance

Helly customizable. Almost +240 lines configurable, 3 types of data-bases, With NullCordX you can customize even the fonts/images of the anti-bot colours, even add gradient like:

2022-07-21_13-52-11-png.522071

 

Advanced AntiProxy, AntiVPN system.

Buyers enjoy a fairly extensive api updated every day with a fairly extended limit, to avoid rate-limit crashers.

You can also use different AntiProxy pages/licenses, but we have a cloud system to save all the proxies that are blocked, so that on another server they will not be used again.

In addition, you can block specific countries that tend to frequent many attacks (you can also activate it when an attack is detected).

IPTables firewall

IPTables is a Linux-only tool that allows you to modify all kinds of internet rules, and the best way that we can use to blacklist TCP connections.

If the server has ROOT permissions tool called ipset will be used that allows us to block lists and we can use it to block by time.

This way we can mitigate attacks much more quickly and efficiently without having to have a very good system.

Otherwise the server does not have it, will use default (netty-cached) blacklist system based on pipeline check.

Proxy improvements

We care a lot about security, that's why we have a debug mode, if something goes wrong you can report it and it will be fixed in a very short time.

If the instance crashes, we can see what's going on and check the packet type and fix it in minutes!

Very intense proxy scraper (100k+) per day, and we keep adding more pages so that most attacks are instantly invalidated.

Instantaneous mitigation for related to layer7 or netty, no performance loss.

By default, you can disable all checks, but if there is an attack and it is not completely disabled, it will still ask for them.

Thanks to our upgrades and login caching we can still handle premiun connections even if the Mojang api is down for some time.

The anti-bot plugins are not comparable with the proxy, since when using events the performance drops scalably, apart from the fact that natively it can hold much more.

Extense api for developers, you can get the instance of NullCordX, also you can detect the trigger of BotAttackDetectedEvent and PingAttackDetectedEvent to use it as you want.

More features

  • All the anti-bot checks can be toggled, or configured to work only under attack
  • AntiNullPing, AntiSmasher, AntiPing, AntiBot system all aplicable on all operative systems.
  • Friendly and easy configuration to understand for new people.
  • Hook into some plugins like (jPremium, DynamicBungeeAuth and SkinsRestorer) to avoid rate-limits.
  • Not kernel based, we allow shared hosts to use the software without any limitation.
  • Powerfull toggleable-logger system to avoid unwanted, and few random logs
  • Supporting modern forge connections.
  • Option to blacklist and whitelist countries.
  • "Anticrash/antismasher" for spigot, Our bridge handles the packet before player hits spigot.
  • Dynamic Domain Name System support
  • Ability to see plugins used on proxy
  • Ability to reload the proxy & the anti-bot system
  • You can report & find any bug launching -DnullCordX.handleExceptions flag
  • Hexadecimal support for all the proxy, even motd system
  • Modules built-in, no more manual downloads!
  • Ability to customize anti-bot images, fonts and regeneration time.
  • Ability to customize what bad-packets should the proxy blacklist under attack
  • Cached netty blacklist module for not-linux operative systems
  • UTF-8 support for messages of Waterfall (Mostly for asian servers)
  • Customizable cached-motd system, very recommended
  • Command to generate new captcha (When you want)
  • Auto-download of messages.properties, you don't need to manually create it
  • No fake triggers, the anti-bot is smart depending on the network.
  • Ability to see hardware usage, such as (CPU, ram, tasks) even on actionbar
  • Ability to configure how database will work, such as Sqlite, Mysql ,HikariCP for external databases and PostgreSQL
  • Ability to configure compression level, higher values will use more CPU and less traffic.
  • Ability to use native motd system very configurable (Slots, player-info, cache, compression favicon and a lot more!)
  • Ability to disable ConnectionInitEvent of Waterfall (Some plugins need it)

Test Server

1657808041464-png.520164

⋘────────────────────↠∗∗↞────────────────────⋙

Contact me if you need it: xIsm4#9127