⭐NullCordX⭐

⭐NullCordX⭐ 3.8.3x

NullCordX
NullCordX is the most advanced proxy in every way, be it performance or features, there is no other like it and at such a low price! From intelligent rotating filters like Cloudfare's to being able to run giant servers in a few instances.
Antibot System:
Performant anti-bot for all systems with a great migration system for Layer7 without relying on Linux software.
However, if you run the proxy as root, you'll get extra features like easy-and-fast mitigation of attacks via deniying connections using IPSet/IPTables

Antibot Checks:
((All checks are configurable, toggleable and quite manipulable))

Human fake-lobby: Advanced filter to verify any prototype of packet, the sentry of high-performant bots with several item-layers like snow, wood, barries, oaks etc... working as Chunk-colission. Also changes dynamically from coordinates. On top of that there are several protocol verifications like Ping-pong, KeepAlive timeouts, WindowTransactions, negative Levitation and HUGE verifications on falling of 3s that makes actually fast and working verification.
Packet-Filtering: Not only are there limits before decompress, but also after decode on all backends colloquially known as "backend anticrash" preventing Netty from using heavy methods and sending very large amounts of data. This avoids using plugins on every backend, natively faster and instant mitigation.
Progressive-check: Depending on how the last check ended, we can force the next check to be skipped or executed on the connection.
Ping check: Connections won't be able to join if their ping exceeds the maximun specified, this usually works with stupid sockets (bots). On top of that we have a native TCP-based check that will compare the latency of receiving a packet from the host with the latency of receiving a packet over the network to filter attacks quickly without requiring any player action.
Mojang requests?: NullCordX prevents plugins from saturating the mojang API to requests invalidating the server for a while thanks to its system that prevents "rate-limits"
Rate-limit -> Is any bot constantly logging into the server? By default the BungeeCord throttle will be used along with a quicker disconnect, but you can use the blacklist module for a longer time.
Framed-captcha -> By looking at captcha systems like Google or cloudfare, we have managed to replicate it in Minecraft to prevent neural systems from bypassing the verification (frame-rotating)
Framed-puzzle -> Innovative image-loaded puzzle (with configurable render layers) based on rotating configurable images.
Solid-netty-traceless -> NullCordX has an advanced attack mitigation system in place to avoid throwing exceptions so that Netty doesn't even know about it, we have some changes that do in software terms that something like low level exceptions are filtered out as well.
Nickname check: Option to verify player names, such as repetitive, blacklisted and strange names, to ensure that even with a bad configuration or with the antibot disabled, any bot from common services won't be able to join.
Direct-Connection: If the counting detects any strange loadup on connections will avoid connections that did not ping server list before joining (Disable it if something caches before pings such as Cloudfare, TCPShield etc..)
Exception check: Most of attacks are based on exceptions, this overloads the usage and floods the console, NullCordX caches them and deny that connection. (( You can limit e-connections and add/remove other packets ))
Internal checks: Certain checks at the Minecraft protocol level limiting the data sent by packets even before entering the server, after decompress including checks to avoid invalid states in attacks without bothering player, either multiple exception stuff such as KeepAlive timeout that checks if the player responsed with the same ID as the server, this is same on 1.8 but with Window transaction
Invalid packet checking: NullCordX verifies Minecraft protocol packets without trowing any exception and kicking instantly if is not recognised.
Geyser checks: We've built-in Geyser Standalone Support, you can choose which checks do they have to pass before joining the backend server.
Blacklist (via iptables/netty): Linux tool implemented to blacklist quickly bad TCP connections to avoid attack reach maximum performance, if you don't have access NullCordX will blacklist bots with netty blacklist module.
Protocol packets: By legally limiting packets according to Mojang's protocol adding innovative checks, we can avoid ilegal attacks that load the system without any human-layer verification.
Proxy-data: Some networks need split their proxy instance on more than one, NullCordX can sync the anti-bot data between them to avoid waste of performance.
Motd/Spam attack: Most of attacks doesn't end handshake process to the end, we directly avoid then when the threshold got triggered, also you can hide favicon when attack is detected to save traffic, even you can cache the requests of the motd and compress the favicon.
There are bunch more of verifications that are secundary, check configuration to enable them


Spoiler: Antibot Config

Motd System (( Native faster))
NullCordX by default comes with a MOTD that replaces the BungeeCord encoder and creates its own packet which supports hexadecimal colors (RGB) and brings more functions.
Apart from that it has another very important function. Exploits have been found that prevent players from entering the server by sending simultaneous requests and freezing the status response.
Thanks to the native MOTD, incoming requests are cached to prevent this type of attack.
In addition, you can hide the favicon to prevent the StatusResponse from ever being compressed. This greatly improves traffic consumption during a massive attack or large traffic.
On top of that Close the connection if the client tries to compute a ping to the server after successfully sending motd during the attack, even you can compress the favicon

Spoiler: MOTD Config

Advanced AntiProxy & AntiVPN system:
Advanced AntiProxy (AntiVPN) system based on known pages with virtually unlimited requests that allow you to block specific countries and avoid proxies.

You can also add your custom AntiVPN with custom url and UTF-8 encoding.
You can configure it to only use the options on certain occasions such as when an attack is detected, always, or disable it completely.
On top of that you can download new databases in configurable time, cache time and even limit the use of threads of your processor.
Moreover, thanks to our Cache system powered by Caffeine, rate-limits are very complicated with free plans. In very few situations this will ever happen.

Spoiler: AntiVPN Config

Advanced Handshake (( Modern Forge Connector
))
Most proxies do not support modern forge due to the strict forge protocol in versions higher than 1.13 which complicates the implementation of forge.
Thanks to our system and a previous implementation of the system called "forge-reset-packet" NullCordX has the system to support modern forge connections without any problems.
At the top of all supports the project called arcligth to further improve the server administrator experience.

Backend Packet Filter (( Anticrash ))
If you are using Spigot / Paper or any other fork of Paper, the proxy will try to manage packets sent to the servers and will blacklist and kick out any player that send more than the max-packet-per-second / max-packets-per-tick threshold.
Is working in all versions to avoiding things like (ToxicClient, PacketCrashers, Heaven) and all related clients.
The server admin can cancel the packet, or just kick it with netty. By default is working with netty, to make a faster mitigation!
Thanks to our fast injection to Netty, we can avoid strange clients that cause heavy Netty method calls making that well known "lag spike" come, forget about spending money on extra plugins for this!
This not only avoids security problems in your backends, but also limits the amount of packets that the client can send to the server, thus improving the server's performance in handling them
Packet limiter can help you to stop most of the Crash Exploit, however others may continue to have exploits to crash servers generated by buggy plugins, paper exploits etc..

Bad-connection Filter (( Forwarding ))
BungeeCord has a serious "glitch" if the proxy is not configured properly. By which they can access your backends with any UUID and so on, we have a solution on this.
NullCordX has a Forwarding system that generates randomized keys (like Velocity) to avoid using plugins like BungeeGuard (although it is compatible).
At the top we have a system that avoids rate-limits with Skins plugins, logs and any software that uses the mojang API.
Which is based on putting everyone in the verification with an offline ID, and after re-connecting they will have the real one, so the rate-limit does not exist!
You can also disable it and continue using the legacy BungeeCord system (ip_forwarding), or upgrade to Modern-forwarding.

Optimization:
Performance is our main focus, as this is the key to a project. Therefore we have an extensive list of changes and options to increase it without causing problems with plugins (Guaranteed less consumption with NullCordX)

Compression -> NullCordX improves the proxy system when compressing packets, this indirectly optimizes CPU consumption during packet compression and decompression. Besides that it is used to load Captchas faster "known as libdeflate".
Waterfall-patch-> If you want, you can further improve the performance by disabling the ConnectionInitEvent that Waterfall introduced in the proxy, this can greatly improve the performance in attack, however there are some plugins that depend entirely on it.
Better frame decoder -> Not only improving performance, but also being able to block exploits without needing any filter to bother the player. Also a great improvement in the packet flow is noticed.
Multi-Threaded -> All the tasks run in a different thread to avoid saturations in attack, spliting them avoids high thread usage and improves the load.
Packet-improvements->If the entity rewrite is disabled (thanks to the waterfall patch) it will avoid copying the decoder buffer, this will improve consumption during high loads
TFO -> If enabled, you can speed up the opening of successive TCP connections between <server | client> improving traffic and optimizing connections to the client, known as TCPFastOpen.
Backend-flush -> If your fork supports it, all packets flown would be handled by the proxy improving scalability and backend performance
Consolidation-flush -> Netty introduced some time ago an event called FlushConsolidationHandler, which handles much less syscalls, higher throughput and packet flow, and environment consolidation at the proxy level
MOTD packets ->In the MOTD you can disable the favicon on attack, which would save 8 kilobytes itself. Our cached ping is created completely separately and immediately into a byte buffer. In that case, we do not use bungee packet encoding.
Internal changes -> Not only are all of the above improvements being applied, but the Waterfall structure itself has also been improved without breaking anything. Thousands of changes throughout the software made it so that the consumption is much better than any fork, even bordering Velocity or surpassing it.
Best Ping-Handler -> Packets will not pass trougth unnecesary handlers, wich improves the performance and ping system of the whole proxy
Best compression -> NullCordX compresses the packets before, for this reason it does not need to compress the packets of the antibot for each player in an attack, making that during an attack the consumption is null (making the best anti-bot solution)
Encoder-handler-> You can activate the option to encode the packet, it also compress packet if needed (this avoids creating the exact same byte buffer every time), if many protocols do not have packet differences, saving memory in the packet.
Internal usages like "MultiVersionCache" that tries to encode and cache packet (also compress if packet needs) avoids creating the same buffer for several protocols if don't have any difference between packets trying to save resources

The best compatibility and advanced fork:
NullCordX is the most advanced fork in market with external compatibility, adding a lot of features that are not in market.

Our community likes to have modern things like the competition, that's why we have added multiple improvements respecting everyone.

Most of the Spanish community uses NullCordX since the main developer is Spanish, feel invited if you are too.
Modern Forge Connector (1.13+) -> NullCordX implements a packet reset system for modern forge connections which allows the entry of connections without limitation.
Smart-antibot -> The proxy will re-create the frames as they are used and delete the object called "bad frames", this will cause more difficulty for neural systems to achieve an attack. Besides that we are the first to implement a rotating nine-frame system for each client side similar to captchas like Cloudfare or hCaptcha, which further complicates the task. In addition, after a connection fails, the proxy sends a completely different and more complicated verification, increasing the ban time.
Smart-debug -> Need more information? You can activate debug levels for the proxy that will help you decipher problems. You can also execute /nullcordx dump and will generate a friendly link into our web.
Smart-detection ->Thanks to our advanced filtering and caching system we can prevent bad connections from having a real impact by separating them in a bot filter.
Online-cache -> Minecraft servers down? NullCordX caches player requests up to 24h for this kind of cases. Being able to support premium players for a whole day without any problem.
Smart-logg-in -> You don't care about advanced logs like Netty/other libraries used in the project? You can totally filter them forever, or only when an attack is detected. This relieves the console load and makes it readable in most cases.
Smart-API -> Extensive API for developers, being able to send checks, detect attacks and even inject into the ChannelWraper with simple methods is possible thanks to our robust feature.
Bedrock support -> Some forks often have problems with Bedrock. In this case a module is implemented that works together with geyser and floodgate to support the connections without failures.
Dynamic-DNS support -> Compatible dynamic domain name system to check the relevance of the IP address from time to time by extracting it from the dns server (usefull if a domain is used as the IP address of the server)
Gradient system -> The proxy has access to RGB colors in all customizable messages, also in the MOTD for scalability.
Advanced filtering -> With NullCordX you can randomize frames, use render layers (such as curves, objects, gradient, ripple, noisy, dithering and even splitters), even use post-render layers. Making it the most-advanced high-layer solution
Module system -> It's a tiresome thing to have to download the modules in every BungeeCord update, we have them integrated as commands (also you can enable/disable them as you want)
MOTD integrated -> NullCordX will activate a system in which you can limit slots, configure favicon compression, player information, rgb and legacy color support, even disable motd and let the proxy cache requests. All this to have the best performance and avoid slow-downs!
Heavily customizable-> Everything is configurable, even the platform on which Minecraft connections drop to be verified.
All our changes have been tested before being released, making the proxy as stable as possible for the market.
On top of that the configuration is fully documented (even bungeecord and waterfall's) so that the user knows how to guide himself without any wiki.

2022-07-21_13-52-11-png.522071

IPTables firewall:
IPTables is a Linux-only tool that allows you to modify all kinds of internet rules, and the best way that we can use to blacklist TCP connections.

If the server has ROOT permissions, a tool called ipset will be used that allows us to block IP Lists and we can use it to block by time.
This way we can mitigate attacks much more quickly and efficiently without having to have a very good system.
Otherwise, if the server doesn't have ipset feature it will use layer netty system implemented for blacklist with same features.

More features:

All the anti-bot checks can be toggled, or configured to work only under attack.
Support from java 8 to latest
Anti-bot working in all type of system (NIO WORKS GOOD)
Friendly and easy configuration to understand for new people (all the configuration is comented)
No rate-limits, forget having plugins by our pretty cache and handling
Supporting modern forge-handshake connections.
Option to blacklist and whitelist countries.
"Anticrash/antismasher" for spigot without replacing decoders, fast-and working
Dynamic Domain Name System support (DynDNS)
Huge debug system (toggleable) and configurable-debug-levels
Automatic config updater. We frequently add new things, there is no need to delete them. The proxy will detect changes at startup and replace it with the new one without touching what was already there.
Hexadecimal support for all the proxy (motd, messages, actionbars..)
Modules built-in, no more manual downloads (all of them are toggleable)
Cached blacklist module for not-linux operative systems
UTF-8 support on messages.properties (Mostly for asian servers)
Ability to generate new captchas
Auto-download of messages.properties, you don't need to manually create it
Ability to see plugins used on proxy
Ability to verify the player if changes the IP (or disable)
Ability to progressive-ban the players
Ability to reload the proxy & the anti-bot system (/nullcordx reload)
Ability to disable human filtration for specific plataform (Like Java-geyser)
Ability to configure fall verification such as colission time, item coordinates, drop-time.
Ability to customize anti-bot images, fonts and regeneration time
Ability to get redirected into the Lobby instead getting disconnected on a backend crash
Ability to customize what packets should the proxy blacklist trigger
Ability to configure how protocol works, such as limits, tasks etc.
Ability to see hardware usage, such as (CPU, ram, threads) even on actionbar
Ability to change server-icon name for extra-features
Ability to configure how database works, such as Sqlite, Mysql ,HikariCP for external databases and PostgreSQL
Ability to configure compression level only on linux
Ability to use native motd system very configurable (Slots, player-info, cache, compression for faviconetc.)
Ability to disable ConnectionInitEvent of Waterfall (Some plugins need it)
Ability to hide logs and only send one warning to know when the attack stoped/started
Ability to disable scoreboard teams bug (toggle completly the packet)
Ability to disable/enable certain waterfall module such as reconnect/commands etc..
Animated / static captcha. You can select a gif or png for the captcha background or just let it blank.
Ability to see traffic usage, such as Open connections, in-traffic/out-traffic (kb/mb)
Ability to make range-servers for large networks with lot of sub-servers
Ability to reload the whole proxy/antibot without restarting the instance
Ability to blacklist versions+range of versions on the NullCord'S config
Ability to randomize rows and colums for buffered images
Ability to disable chat-popup messages when you join or switch a 1.19.2+ server
Ability to cache decoder and encoders of the proxy
Ability to limit chat packets per second, to avoid Component exploiting
Ability to use the render layer splitter for captchas
Ability to disable hit platform for fall check (water-snow) for colision stuff
Spoiler: Main Config

FAQs:

ViaVersion: The only thing that viaversion does in bungeecord is to force you to use the entity rewrite and have to copy the entire buffer for each connection, which is redundant.
Is there any API?
Yes! We have an API, that you can use to detect attacks and send alerts to a discord channel, for example.
You can also inyect into the Channel pipeline, send captchas and manage all the proxy.
Can i buy with Cryptos?
Yes, all you have to do is to enter our discord and contact us.
Why would I buy this software instead others?

The proxy does not depend on external applications such as Ipset/iptables to run well
You can remove completly captchas and keep easier verifications
Very fast in updates, if a new version is released, it is updated the same day
Stable fork, our most updates are solid and there are almost no reported problems, you won't see 10 updates after a new snapshot.
The MOST advanced bot filtering solution with framed-puzzles, animated-captchas and a long etc, no-needed 2019 verifications.
Unbeatable price compared to competing software (The most extensive fork in the market)
Incredibly fast and global support, our staff is able to help in less than 15 minutes and fix any problem in most languages
Our ideas are clear and precise, we don't need to copy each other to make something good
Test Server

69495210aebf1fdbb0854542caeb666a92d68814?url=http%3A%2F%2Fstatus.mclive.eu%2FMangelo%2F47.206.114.243%2F25576%2Fbanner.png

Contact me if you need it: xIsm4#9127
Author
Mined
Downloads
196
Views
524
First release
Last update
Rating
0.00 star(s) 0 ratings

More resources from Mined

Top