Server security goes beyond DDoS protection. Cheaters ruin player experiences, compromised admin accounts destroy communities, and poor security practices create vulnerabilities.
Easy Anti-Cheat (EAC)
Rust uses Easy Anti-Cheat (EAC) by default. It runs on the client side, detecting:
- Memory manipulation (aimbots, ESP)
- Modified game files
- Known cheat signatures
- Injection of unauthorized code
As a server admin, you don't need to configure EAC; it works automatically. You can disable it for testing (-secure false), but never run a public server without EAC.
EAC Limitations
EAC catches many cheats but not all. New cheats often work for days or weeks before detection. For competitive servers, supplement EAC with server-side monitoring.
Server-Side Anti-Cheat
Oxide plugins can detect suspicious behavior on the server side:
Movement Checks
Detect speed hacks, fly hacks, and teleportation exploits:
- Monitor player velocity against maximum possible movement speeds
- Flag players who cover impossible distances between ticks
- Check for vertical movement inconsistent with jumping/falling physics
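One way to implement the movement checks above is to compare consecutive position samples per player. This is an added example, not code from Oxide or from any published plugin: the class name, the speed and jump limits, and the grounded/exempt inputs are assumptions, and the caller is expected to feed it positions from whatever server hook it uses.

```csharp
using System;
using System.Collections.Generic;
using System.Numerics;

// Added example: standalone movement sanity check, not an Oxide plugin.
// All limits are assumed placeholders; measure real values on your own server.
public sealed class MovementCheck
{
    const float MaxGroundSpeed = 6.0f;  // m/s, assumed sprint ceiling
    const float MaxJumpRise = 2.0f;     // m, assumed highest legitimate jump
    const float Tolerance = 1.25f;      // slack for lag and tick jitter

    readonly Dictionary<ulong, (Vector3 Pos, double Time, float Rise)> last = new();

    // Returns a reason when the sample looks impossible, otherwise null.
    // exempt: set by the caller for vehicles, ladders, admin teleports, respawns.
    public string Check(ulong id, Vector3 pos, double time, bool grounded, bool exempt)
    {
        string reason = null;
        float rise = 0f;
        if (!exempt && last.TryGetValue(id, out var prev) && time > prev.Time)
        {
            float dt = (float)(time - prev.Time);
            float dx = pos.X - prev.Pos.X, dz = pos.Z - prev.Pos.Z;
            float speed = MathF.Sqrt(dx * dx + dz * dz) / dt;  // horizontal only
            float dy = pos.Y - prev.Pos.Y;
            // Sum upward travel while airborne; landing or descending resets it.
            rise = (!grounded && dy > 0) ? prev.Rise + dy : 0f;
            if (speed > MaxGroundSpeed * Tolerance)
                reason = $"speed {speed:F1} m/s over {dt:F2} s";
            else if (rise > MaxJumpRise * Tolerance)
                reason = $"rose {rise:F1} m while airborne";
        }
        last[id] = (pos, time, rise);  // exempt samples just reset the baseline
        return reason;
    }

    public static void Main()
    {
        var check = new MovementCheck();
        // Constructed samples (x, y, z, seconds, grounded); the third covers 40 m in 0.5 s.
        var samples = new[] {
            (0f, 10f, 0f, 0.0, true), (2.5f, 10f, 0f, 0.5, true),
            (42.5f, 10f, 0f, 1.0, true), (44f, 14f, 0f, 1.5, false),
        };
        foreach (var (x, y, z, t, g) in samples)
            Console.WriteLine($"t={t:F1}: {check.Check(1UL, new Vector3(x, y, z), t, g, false) ?? "ok"}");
    }
}
```

Treat a hit as a flag for admin review rather than an automatic ban, since lag spikes and missed exemptions produce false positives.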
Combat Checks
Detect aimbot and recoil modification:
- Track accuracy percentages over time (nobody maintains a 90%+ headshot ratio)
- Monitor recoil patterns against expected weapon behavior
- Flag impossible shots (through terrain, beyond weapon range)
Resource Checks
Detect item duplication and spawning:
- Monitor inventory changes for impossible item accumulation rates
- Track crafting outputs against input materials
- Flag inventory items that weren't gathered, crafted, or looted
Admin Account Security
Separate Admin Account
Use a separate Steam account for administration. If your main gaming account is compromised, your admin access isn't.
RCON Security
- Use strong, unique passwords (16+ characters)
- Restrict RCON access by IP address
- Change the RCON password regularly
- Don't share RCON credentials - give server access through the hosting panel instead
Moderator Vetting
- Start new moderators with limited permissions
- Escalate privileges over time
- Use Oxide logging to track all admin commands
- Regularly audit moderator actions
Player Reports
Establish a clear reporting workflow:
- In-game reports: Players use F7 or a custom command
- Discord reports: Dedicated channel for reporting with evidence
- Investigation: Admin spectates the accused player
- Decision: Ban, warn, or dismiss with documentation
- Appeal: Process for contested bans
Logging
Enable comprehensive logging:
server.printlog true
Oxide provides additional logging through plugins. Log:
- All admin commands
- Player connections and disconnections
- Chat messages (for harassment/threats)
- Bans and kicks with reasons
- Plugin errors
Store logs off-server. If the server is compromised, local logs are unreliable.
File Security
- Keep server files updated (Rust and Oxide)
- Don't install plugins from untrusted sources (malicious plugins exist)
- Review plugin source code before installation (all Oxide plugins are open source)
- Back up regularly and verify backup integrity
Space-Node handles infrastructure security (OS updates, network protection, access control) so you can focus on in-game security. All plans include DDoS protection and automated backups.
