--------------------
| ServSecurity 0.5 |
| **************** |
| by Dark Session  |
--------------------


ServSecurity is a powerful script to prevent server lags, hacking
attemps, abuse and crashes.




=============
Installation:
=============
 * Upload all the files in the "cstrike" folder (keep the folder
   structure as in the zip-file)
 * Edit cstrike/cfg/servsecurity.cfg
 * Insert this line in the cstrike/cfg/autoexec.cfg:
      es_load servsecurity
 * Execute the following command (RCON or directly in the server console):
      es_load servsecurity

 Finish




==========
Functions:
==========
 * Blocks harmful commands
    Commands which can lag or crash the server
    get blocked
 * Blocks connection-flooders
    Users who use a script that will automatically
    reconnect to the server will get banned (by IP)
 * Blocks the RCON-password-crash exploit
    Blocks the exploits which can crash the server
    after too many bad passwords
 * Crashreporter [cstrike/addons/eventscripts/servsecurity/crashreport.txt]
    Reports server crashes (this often includes server reboots)
 * Blocks 'STEAM_ID_PENDING' users
 * Protects server variables (for example the rcon-password)
 * Kicks user with illegal characters in the username
 * Blocks text with illegal characters
 * Blocks the exploit to bypass the team-choice
 * Shows you out of date plugins/addons




=========
Commands:
=========
 * servsecurity_setpassword
    Set ServSecurity password (needed for unload)
 * servsecurity_unload <ServSecurity Password>
    Unload ServSecurity (needed only if password set)
 * servsecurity_updatecheck
    Check for new updates
 * servsecurity_checkplugins
    Checks for out of date plugins (current Mani Admin Plugin,
    Eventscripts, Metamod and Sourcemod)



=============================================
Variables (edit the cfg/servsecurity.cfg):
=============================================
 (No longer commented)




======
Notes:
======
 * ServSecurity don't protect your server from (D)DoS
   To protect you from DoS use this plugin:
    http://www.sourceop.com/modules.php?name=Downloads&d_op=viewdownload&cid=9
 * ServSecurity generally don't protect against any attacks from outside
   At the moment its impossible to realize this in Python.
 * To check the client variable "sv_cheats"
   please use this script:
    http://addons.eventscripts.com/addons/view/enforcevars
 * You can't use ServSecurity on a server with sv_cheats 1
 * Please use secure rcon-passwords!
 * ServSecurity DONT protect you from hacks like aim-bots or wallhacks
 * The commands 'es_flags' and 'es_xflags' will be blocked for security
   reasons. Scripts which use this command maybe don't works correctly.





==========
Changelog:
==========

 v0.5:
  - Updated command list
  - Small bugs fixed
  - Protected variables can't be copied with 'es_copy'
    or 'es_xcopy'

 v0.4:
  - Completly rewritten
  - Improved performance
  - Removed the game_ui crash protection (no longer possible since
    last Valve Update)
  - Protection from the "unassigned" exploit
  - Illegal characters in the player chat blocked now
  - Extended log
  - Blocks crashes through commands while connecting
  - Client variable "sv_cheats" is no longer verified
  - Find out of date plugins/addons
  - Update check will no longer lag the server
  - Set different time formats
  - Bots will no longer kicked

 v0.3:
  - Prevent Game_UI crashes
  - Bugs fixed

 v0.2:
  - Bugs fixed
  - Improved code
  - More commands blocked




========
Contact:
========

ICQ: 432-043
Eventscripts-Forum: [Dark_Session] (PM)
E-Mail: darksession@the-holy-crew.ch


========
License:
========

This work is licensed under the Creative Commons Attribution-Noncommercial-Share Alike 3.0 Unported License.
To view a copy of this license, visit http://creativecommons.org/licenses/by-nc-sa/3.0/ or send a
letter to Creative Commons, 171 Second Street, Suite 300, San Francisco, California, 94105, USA.