1. I want to introduce my new web-based and totley client-side RCON admin tool. I'm gonna post it here first as I find this the best place to reach Rust server owners.

    RCON:IO has the basic tools an admin/owner would need. You'll find a console, player list and some handy tools to administrate your server. It has an advantage of being accessible directly in your browser without any need for third party installations.

    As this is the first release I've only focused on the basic features. I will continue adding more functionality and features and everyone contribute at our Trello Board (see the website for link).

    Security:
    RCON:IO do not save any information about your server. All the information are stored in your browser and is wiped on logout as the tool is completely client-side and uses Websockets to connect to your server.


    You can try it out here: RCON:IO

    Feel free to give me some feedback :) I'm watching this thread.


    Screenshots below:
    [​IMG]
    [​IMG]
     
  2. Looks good, I can also confirm that this appears to be purely client sided as there don't appear to be any shady packets being sent somewhere else.
    I kind of wish Rust supported wss, though. Rust RCON is inherently vulnerable to MITMs and connection hijackings (especially when auth is as simple as ws://<ip>:<port>/<password>). You can still add a TLS service in front of RCON, but most people probably won't do that, so there's no real point in adding that option to your RCON tool (although it would be kind of sweet ;)). Even some basic encryption without certification would be better than the current situation of default RCON (even though this wouldn't be completly safe either).

    Some ideas:
    • List tools in a dropdown menu. The current view might get a bit messy once you add more tools.
    • Inspect event.error passed to the callback of websocket.onclose to inform users why a connection broke down. You should definetly add a hint to use +rcon.web 1 when the connection is actively refused.
    • Fix capitalization inconsistencies.
    • Use more vertical space for the console.
    • Fix centering of "to" of teleport tool.
    Also, sometimes the login button doesn't seem to actually change the view, although the link changes. Not sure why, I couldn't effectively reproduce it yet, and the console didn't seem to show any obvious errors either.
     
    Last edited by a moderator: Apr 24, 2016
  3. Thanks for your feedback and your "authentication check", sqroot! With only feedback from the voice of one guy it will make the tool even better.

    About to your bullets:
    • List tools in a dropdown menu. I'll have to think of a clever way to filter the tools somehow. Even shough its done with a dripdown, sub-menu or tabs I have to rework it. I'll come back to this enhancement soon.
    • Inspect event.error passed. I'll work on this one today (thanks for the tips). I should definetly add a hint to use +rcon.web 1 when the connection is actively refused. (Let's hope that this is not the same event that will be passed when the password is wrong?)
    • Fix capitalization inconsistencies. I'll work my way throug all the capitalization inconsistencies and other text relateted fixes.
    • Use more vertical space for the console. This is more a question then an answer: Do you think of the lack of space between the console text and the top border of the console frame? Or is it spacing between each log row?
    • Fix centering of "to" of teleport tool. An update with this fix will be pushed today.
    I'll look out for the bug where sometimes the login button doesn't seem to change the view. Have this bug occurred more than once?

    When I started working on RCON:IO i first wanted to use WSS and its obvious advantage of being encrypted. But as you wrote.. Rust does not support it. I notified Garry on twitter about this problem as well as the vulnerability to brute-force when you have unlimited tries on the password.

    I'll immerse and try to find a TLS solution that can be optional for more advanced users.
     
    Last edited by a moderator: Apr 24, 2016
  4. Here's an example: http://i.imgur.com/oyayjBd.png

    I sort of understand why Rust doesn't support wss. Most clients probably wouldn't bother to get themselves a cert (although this is fairly easy nowadays luckily).
    Certs are also usually registered for domains and not for IPs, and even then, most hosters probably wouldn't be able to guarantee that the IP stays the same.
    Servers essentially don't have a true identity attached to them. You could do this by registering a domain for the server or a fixed IP, but it would only apply to a very small amount of people (because who the hell tries to MITM a Rust server? ;)).
    It'd be possible for Rust to roll a custom encryption that requires server owners to cert themselves using an email address to be considered by the master server, but this increases the barrier of entry for new server owners a lot, which isn't desirable, and it's a lot of rather pointless work.
    Those that really care can just run their own TLS service and I can definetly see how this isn't a priority of the Rust devs.
     
  5. As server owner I see the potential of having a "server profile". Which stores the rcon(encrypted) and letting me add different kind of permissions based on steamid.
     
  6. What you're asking for is an account system for RCON.
    IMO this goes way beyond what RCON should pragmatically be capable of. It's a tool for the owner to administer the server, not for mods. Mods need to be ingame either way to make effective decisions. There isn't much of a point in limiting owner access.
    Also, this is something Rust would have to implement.
     
  7. Beeing able to ban, kick or mute someone via a tool aswell as see the banlist is in my eyes something mods could benefit from.

    Edit:
    -Also having a playerlist with all steamids, IP and country is useful information for mods. Now, mods has to open up their in-game overlay and check playerinfo to get their steam profile and transform it to steamid64 if the player has weird name like chinese characters.
    -Mods would be able to IP ban with the tool.
    -Having notifcations for mods is also useful, knowing when they are called and monitor chat abuse.
    -Just like RustAdmin it would also be beneficial to mark notes on different users for different degree of abuse on the server. Sharing this admin/mod wise is a powerful thing.
     
    Last edited by a moderator: Apr 24, 2016
  8. To be able to properly judge whether someone should be banned or kicked a mod should probably be ingame, you're right about mutes, though.
    You could accomplish this via a server sided tool that acts as an RCON server and filters commands based on some account system.
     
  9. Thanks for the example. I'll make the console span over the entire free space.

    To make something like player notes, auth levels connected to your Steam-ID and other functionality that do not share or handles by the Rust-servers dataset I would have to open a database and start storing server information. Yes, this is possible but would take away the original concept behind RCON and it will no longer be client-side. Another solution would be a custom RCON:IO plugin that stores and handles all the "custom" data through the WebSocket (Only to be used by modded servers unfortunately).
     
    Last edited by a moderator: Apr 24, 2016
  10. why can't I log in? writes opsssss .... all I submit is correct, what could be the error?
     
  11. Have you added "+rcon.web 1" and specified a port and a password for Rcon in your .bat-file or startup arguments?

    Example:
    Code:
    +rcon.web 1 +rcon.port 28016 +rcon.password "YourPassword"
     
  12. sorry, didn't notice apparently, now add, unsubscribe
     
  13. Very good job ! can we have an automatic message configuration ?
     
  14. Like adverts that appear in chat every X minutes? Or responses to questions automatically? If you're looking for adverts see Notifier for Rust | Oxide
    [DOUBLEPOST=1467882217][/DOUBLEPOST]
    If you're running a vanilla server, I'd reccomend RustAdmin.
     
  15. But RustAdmin need a computer always on, so if you add this feature to your system, it can be great for those who can't let their pc working a month
     
  16. Depends, do you have a dedicated machine?
    Either way, if you want adverts, use Skin's Notifier Plugin
    Notifier for Rust | Oxide
     
  17. But notifier plugin will make my server modded and not vanilla right ?
     
  18. Why are you on a modded forum?
     
  19. Because rcon.io is a beautiful tool to administrate your server without any plugin and it's post here
     
  20. Looks clean! So far the best looking web RCON.