Make discord bot tokens lock on ips so raiders can't use it

P33t

• 2 agosto 2021 19:27

Hello, my friends server got raided by his own bot. We still don't know how it happened because we share 1 ubuntu server that is secure so i dont think he got it from the server but i think that the raider named Darkky probably generated the token and he got it right. So i was thinking how to stop these spammers logging into servers and and breaking them and i think you should lock bot tokens to the ip of the server so if someone get the token he can't log into the bot but he would need to authorize the ip thru discord developer portal or something like that. I think it will stop 99% of these spammers. Discord please do something with it just think what will happen if these guys generated the token and it would match with the mee6 bot. Over 1,000,000 server owners will leave discord because of this problem.

2

• 

  xSavgs

  • 2 agosto 2021 20:22

  The only way this could’ve happened is if you leaked your token or the server is not secure. There is something like a 1 in a billion chance he could generate a token that is right let alone one for your discord server. Tokens are fine how they are you just need to make sure your token doesn’t get leaked.

  0
• 

  P33t

  • 2 agosto 2021 21:20

  xSavgs I don't leaked the token and my friend neither for sure and the token was saved in our vps hosted in germany in .env file so when the hacker get into the server he wouldnt see it he would need to go thru one of the server admins accounts but our passwords was not compromised or something like this and our server has bcrypt hashing, AES-256-CBC encryption, and HTTPS so there's no way of hacking into it. I'm 100% sure that he wasn't in our servers because i have a bot there too that doesn't have token saved in .env. The token is just laying there in configuration file and my server has around 8x more members so i think he would hit my server, not his.

  -1

Accedi per aggiungere un commento.