So when a new player joins that need to do like .spam=I Accept Rules=100 to be accepted. It would work like /acceptrules but with that command
no, if they spam, then get banned, also if they try and accept the rules more then like 5 times in a second, they also get banned. if they just enter it once, then they are good
ok. lets say im a new player. i log onto a server with a hacked client. I need to do the command .spam=ACCEPT RULES=100 to be accepted. I think "AWWW SHIT! i cant do that. I would just spam ACCEPT RULES 100 times in chat!" So i do it anyways. The server realized i tryed to accept the rules too many times in a certain timeframe and so it dosent let me accept the rules. Now lets say im new WITHOUT a hacked client. So i log on and realize that i need to do the command .spam=ACCEPT RULES=100. I think to myself "ok i dont have a hacked client so it will jsut accept the rules." so i do the command ONCE and get accepted. Make sence?
Not all hacked clients have .spam. Decent ones have a different chat input box that doesn't send the .command to the server. Your logic is flawed.
Ok if I understand correctly: When a new player joins they need to type /acceptrules to be able to play. I second this. What about, The serverrules spamming a new players screen (spout). If the player fails to type /acceptrules 3 times they get the banhammer (configurable). This would solve bot attacks, I pissed some Yiff users off. I keep getting botattacks now and then, they come on with 200 players+ trying to crash the server.
Hacked clients, do not send the .%command% to the server, the actual client checks before It sends the chat to the server wether or not it is a client command. Note: Some modded clients (Such as SpoutCraft) have built-in client only commands. Some of spoutcraft's built in commands are: /? and /client gc or something similar. So this is not possible unless people install a client mod that monitors what they type and sends it to the server.
So you're forcing users to use SpoutCraft? It's not hard to send /acceptrules to the server 3 times with a hacked client. In the end, it's impossible to block hacked clients. Hell, I could download the SpoutCraft source and build a hacked client off of that.
Blegh, you need to start somewhere. This would block most clients you can find if you don't know where to look.
It's pretty simple to make a hacked client spout compatible, and it has already been done by some of them. That's really no way to do security.