Revision Difference
rust-companion-server#546669
<cat>Play.Hosting</cat>
<title>Rust+ Server</title>
# About
The Companion Server is what Rust+ uses to communicate with Rust servers. If something is wrong with it then nobody will be able to view your server in Rust+, even if they pair with it. They will see it loading for a while before it says the server is offline.
# Making it work
For most people, the only requirement for the companion server to work is to make the TCP port the companion server listens on accessible over the internet. Port forward, open it, add firewall rules for it, done.
You can use the `app.info` command on your server to show what port the companion server is using. If you need to switch it to something else, you can specify the port to use in the `app.port` convar. This port must be 10000 or higher for it to be successfully reached by our Rust+ backend. You will need to restart your Rust server for the port change to take effect.
If you have a more complicated networking setup where you need to specify which NIC to listen on then you'll need to set the `app.listenip` convar to your Rust server's public IP address. You can check the connection settings the server is currently using with the `app.info` command. If the IP address that the app connects to is incorrect, you can set it `app.publicip` to the value you need.
If you get errors about companion server registration or push notifications aren't working then make sure your server can access companion-rust.facepunch.com over the internet.
If everything is still broken you can submit feedback [using this form](https://form.asana.com/?hash=050f6e1785b7ab30f75bc0765214aded9dc4bd3061666b80f08378c2ac8032a4&id=1177653515858997).
# Checking if it works
The most straight forward way to test is by pairing with the app itself - but if you have many servers there's an easier way. You can use a tool like [Postman](https://www.postman.com/) to test connections to the companion server. Simply create a new WebSocket request and type in the Rust server's IP address and companion server port into the "Server URL" field. For example: `ws://203.0.113.111:11111`. Press the "Connect" button and you'll see if it connected successfully in the messages log below.
# The "companion.id" file
You may have noticed a `companion.id` file in your server's save folder recently. This file represents your server's identity to Rust+ and should always be kept with your server and its backups.
Here's a list of rules for this file:
* Do not give it to anyone else.
* Do not use someone else's file.
* Do not use the same file on multiple servers.
* Do not randomly delete it.
* Do not change the "app.id" convar.
Breaking any of those rules will make your server behave weirdly in Rust+, disable notification permission for all your players, and probably require all players to re-pair with your server.
A brand new identity will be generated for your server if you do delete it. There's no getting it back once it's gone!
# Disabling Rust+ on your server
If you need to disable Rust+ on your server for whatever reason, the proper way to do so is to set `app.port` to -1 in your server command line (note: due to command line parser conflicts you will need to specify it as `+app.port 1-`). This is the only way to turn it off entirely. Players will be able to see that Rust+ is disabled if they open the Rust+ menu on their clients while connected to your server.
# Automatic connectivity testing
An automatic connectivity test was added into the Rust server to disable Rust+ on servers that are not configured properly to allow connections to the Rust+ companion server. If a server fails this test, it will automatically disable Rust+ on the server and players will see that in the in-game Rust+ menu. This prevents players from being confused when they pair the server but it shows up as offline in the app.
The following error message will be visible in your server log if connectivity is not working: `Rust+ companion server connectivity test failed! Disabling Rust+ features.` Details will be provided in the error message.
To fix this error message you will either need to configure your server so that the test passes or disable Rust+ properly (see above).
Please keep in mind that Rust+ has to be configured on a port equal or above 10000 as described [here](https://wiki.facepunch.com/rust/rust-companion-server#makingitwork). The connectivity check will not work on ports lower than that and neither will Rust+.
Further more, to prevent abuse, we've limited the amount of connectivity checks available per IP to 10 tries per 5 minutes! If you're running multiple Rust+ instances behind a single IPv4, make sure to not boot more than 10 servers during a time delta of 5 minutes. If you've hit the threshold, you'll have to wait for 5 minutes until you can register new Rust+ instances with our Companion Server backend.
# Security / Hardening Advice
In case you're looking for a hardened setup for your gameservers or you're already blocking/dropping traffic
on unused ports, it is a good practice to only accept incoming connections from the Rust companion server connectivity check for ports configured and used by your gameservers. Whitelisting the connectivity check IP is not a good idea for security reasons.
All Rust companion connectivity checks origin from `137.117.99.211`. (As of writing the connectivity-check only
supports IPv4 addresses (e.g.:127.0.0.1))
supports IPv4 addresses (e.g.:203.0.113.113))
Because of design reasons, malicious users are able abuse the companion connectivity check as port scanner against
any IP for ports equal or above port 10000. Even though the risk of abuse is small (checks are rate-limited per querying IP to 10 requests against one target per 5 minutes), it is still advisable to not allow any further communication from the connectivity check.