When running a public Minecraft server, it's vital to understand the main security risks. Giving a server too much access to your machine can allow hackers or other malicious actors to do substantially more damage. Knowing how to prevent this is essential to running a public Minecraft server, or realistically any public internet service. Recently, Paper has started providing a message on startup to warn servers against this. If you see the following message, follow this guide to understand the risks and prevent them.
YOU ARE RUNNING THIS SERVER AS AN ADMINISTRATIVE OR ROOT USER. THIS IS NOT ADVISED. YOU ARE OPENING YOURSELF UP TO POTENTIAL RISKS WHEN DOING THIS. FOR MORE INFORMATION, SEE https://madelinemiller.dev/blog/root-minecraft-server/
In terms of security, it's a best practice to provide a system with only the permissions it needs to perform its function. For a Minecraft server, this generally means only accessing the files in the server folder, having access to the internet on the Minecraft server ports, and sometimes accessing MySQL. This means that if a hacker gets access to your server, all they can touch is your server.
If a server is running as root or with poorly set up permissions, an attacker can access everything else on the machine. If you're running a server network, one compromised server means all servers are compromised. When malicious software has root access, it can also be complicated to undo any damage without resetting the machine completely.
It's not always possible to tell when a machine has been compromised either. While sometimes hackers will erase all files and prevent the device from booting, other times they'll use it as part of a botnet or install spyware.
You might be thinking, "This won't happen to me". While you could technically be correct, it's not worth taking the risk. There have been numerous plugins on Spigot containing malicious code, and authors of more reputable plugins have had their accounts hijacked. Unless you only use code you have written personally, there's always a risk of something malicious.
Having elevated permissions also makes catastrophic accidents more likely. If your user account can edit files all over the machine, it's easier to accidentally delete more than you intended. This problem is especially likely for people who are less experienced with the Linux command line.
It's also possible for a plugin or its configuration to mess up and cause harm. If a plugin or the server accidentally overwrote a critical system file, the machine could fail to boot and potentially lose data.
The recently found vulnerability in Log4j, colloquially known as Log4Shell, is a prime example of how bad this can be. For any server running as root, players joining servers could easily gain complete control over the server's machine.
Given that Minecraft uses a lot of code libraries that are also used by large-scale commercial software, there is a substantial commercial incentive to find vulnerabilities in them. As Minecraft uses this code, it might also be affected by any vulnerabilities that are discovered.
The easiest way to prevent this problem is to create a new user and give it access only to the server folder. For Linux users, check out this guide on how to do it. You can then create the server in the user's home folder and run the server while logged into that user.
If you're running a server network, you should have a separate user per server. Not doing so can lead to the issue mentioned above of one server compromising all servers.
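As an added example (not from the original article and not Paper's own code), a start script can enforce the advice above itself: refuse to launch as root, and refuse to launch unless the server folder belongs to the launching user and is not writable by anyone else. The user name `mc-survival`, the paths, the `MC_SERVER_DIR` variable and the `server.jar` file name are assumptions, and the check relies on GNU `stat` as found on Linux.

```shell
#!/bin/sh
# Added example: pre-launch guard for a start script (not Paper's own code).
# Assumed one-time setup by an administrator, one account per server:
#   sudo useradd --create-home mc-survival
#   sudo chmod 700 /home/mc-survival
# Assumes GNU coreutils `stat` (Linux); user, path and jar names are made up.

# Succeeds when the directory is owned by the given UID and neither
# group nor other users can write to it.
dir_is_private() {
    dir=$1
    uid=$2
    [ -d "$dir" ] || return 1
    owner=$(stat -c '%u' "$dir") || return 1
    mode=$(stat -c '%a' "$dir") || return 1
    [ "$owner" -eq "$uid" ] || return 1
    # Leading 0 makes the shell read the mode as octal; 022 = group/other write.
    [ $(( 0$mode & 022 )) -eq 0 ]
}

# Returns 0 if it is safe to start, 1 if the UID is root,
# 2 if the server directory is not private to that UID.
preflight() {
    uid=$1
    dir=$2
    if [ "$uid" -eq 0 ]; then
        echo "refusing to start: running as root" >&2
        return 1
    fi
    if ! dir_is_private "$dir" "$uid"; then
        echo "refusing to start: $dir is not private to uid $uid" >&2
        return 2
    fi
    return 0
}

# Runs the checks for the current user, then replaces the shell with Java.
launch_server() {
    preflight "$(id -u)" "$1" || return $?
    cd "$1" && exec java -jar server.jar nogui
}

# Start only when a directory is supplied, e.g.
#   MC_SERVER_DIR=/home/mc-survival/server sh start.sh
if [ -n "${MC_SERVER_DIR:-}" ]; then
    launch_server "$MC_SERVER_DIR"
fi
```

On a network, each server's start script runs under its own account, so the ownership check also catches a folder that was accidentally left writable by another server's user.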
If you're using a Minecraft server host, preventing this is up to your host. Contact your server host if you're getting this message, or realistically move to a more reputable host. If they have security flaws this large, they may have other problems too. Check out this article on the issues bad server hosts often have.
This article is part of a series on how to run a Minecraft server.