<cat>Play.Hosting</cat> <title>Creating a hidden whitelisted server</title> This guide will cover basic steps to set up a hidden whitelisted server aimed at advanced users with root access, it will not cover installation. The purpose of this guide is to help server owners avoid DOS attacks and the server being discovered publicly. Rust by default doesn't offer a whitelisting system and Umode/Oxide must be used. # Requirements * Strong knowledge of server hosting * Knowledge of Rust server installation * Knowledge of Oxide/Umod installation * Knowledge of Windows/Linux firewall-config # Server Hosting While this guide will advise on remaining hidden it's strongly recommended you use the best server hosting around with the ability to change IPs quickly, strong DDOS protection and no null routing. Facepunch uses OVH Gaming for years with great success and comes highly recommended. # Ports Highly advised to use nonstandard ports, this will help minimise attack vectors. It's highly advised to use nonstandard ports, this will help prevent server list scrapers from accessing your information. ```markdown server.port⤶ rcon.port⤶ server.port (Default: 28015)⤶ rcon.port (Default: 28016)⤶ ``` # Steam queryport The Steam queryport should be blocked at all times otherwise the server can be discovered and seen within the Steam master server list and within Rust server listings. The Steam queryport should be blocked at all times otherwise the server can be discovered and seen within the Steam master server list and within Rust server listings. ⤶ This is the port that responds to the Steam queries, which is what Rust and other third party applications use to populate server information. This can include but is not limited to: server name, server player count, map information and active players.⤶ ⤶ You can easily avoid this information being so public by setting the queryport to something obscure which you can later refuse traffic to using a firewall.⤶ ⤶ For example, if you set your queryport to 111111 you will need to reject UDP & TCP to port 111111 on the IP address that you're using for the server.⤶ ```markdown queryport ``` # User's Visibility At all times users should be set to "Invisible" on Steam as not to display the Game, IP and port on their Steam profile. <upload src="2b7da/8d8b0ed5a3cf6e4.png" size="26850" name="image.png" /> # Users Connecting It's common for content creators to accidentally show sensitive information on live streams so it's highly recommended connecting to a server via keybinds: Bind this 'off-stream' / 'out of view of viewers' (F1 command) ```markdown bind f6 "client.connecthidden IP:PORT;console.clear" ``` The streamer will just need to press F6 from the main menu to connect thereafter and never leak server info. # Other helpful Server Commands ```markdown⤶ censorplayerlist true⤶ ```⤶ ⤶ | Command | Description |⤶ | ------------- |:-------------:|⤶ | censorplayerlist true | This will mask the player names being accessible by 3rd party applications scraping server lists. |⤶