Minecraft RCON Setup & Security
RCON (Remote Control) allows you to execute server commands remotely without being logged into the game. It is essential for web panels and mobile admin apps.
Enabling RCON
In your server.properties file, configure the following lines:
enable-rcon=true
rcon.port=25575
rcon.password=YourSuperStrongPassword_!23
broadcast-rcon-to-ops=true
Warning: RCON sends traffic in plain text. Do not use valuable passwords.
Security Best Practices
- Strong Passwords: Brute-forcing RCON is common. Use a random string of at least 16 characters.
- Change Default Port: Attackers scan for port
25575. Changing it (e.g., to25585) reduces drive-by attacks. - Firewall Whitelisting: If possible, configure your firewall (iptables/UFW) to only allow RCON connections from your web panel's IP address.
- Plaintext Storage: Remember that
server.propertiesstores this password in plain text. Secure the file permissions.
Recommended RCON Clients
To connect to your server via RCON, you can use these tools:
- mcrcon: A lightweight command-line RCON client for Linux/Windows. Ideal for scripts.
- Minecraft RCON (VS Code): Manage your server directly from your code editor.
- Rust RCON: A modern, cross-platform GUI tool that supports Minecraft.
Troubleshooting
Connection Refused? Check that the port is open in your firewall (TCP) and that the server has fully started. RCON is not available during the startup phase.