That voids their terms of use.
2 Likes
Glitch even disabled private projects for the free tier, which was the only reason why I stayed with them, I moved to more better competitors like repl, heroku, or something.host
1 Like
The only part of the ToS that is somewhat iffy towards this project is:
We reserve the right to delete, suspend, or terminate your access to, or ability to use, any and all Services that we determine to be placing undue strain on our infrastructure. These changes were made in response to ping services on Glitch and our efforts to make the site more stable.
From what I can tell, this bot is not in violation of this because it’s not doing a keep-alive ping, it’s simply a function of the bot, which is transferring legitimate data that is within their rate limits. Although if glitch determines that this is an abuse of their infrastructure, then I will promptly move the project over to repl.it or Heroku.
So far, I’ve seen no instances of people getting their projects suspended due to this system and its functionality.
I will reach out to a glitch representative about it.
I’ve successfully contacted a glitch representative and have confirmed this project does not violate glitch TOS.
2 Likes
That isn’t very good security-wise, anybody could just fake headers and ban your entire playerbase.
I don’t see this as a very realistic attack vector considering the nature of the system. All information is transferred back to the Roblox server via the response of a GET req. Unless you know how to DNS poison an AWS server, MITM it, or spoof the second half of a GET request from an AWS server IP you somehow know DTR is active on, I don’t see how this would be reasonably possible. By the time you started either of these, I’d imagine amazon’s IDS would pick up on it and block you. Additionally, the only way entries get added to the ban table is via a discord bot command which is purely server-side, and cant be done from an HTTP req.
Then again, I could be completely wrong. If you can test and prove this to be a working attack vector, please DM me about it and I will promptly seek a patch.
I think i misread what I originally replied to, can you explain how you send the headers and what security you have?
Ill just layout the process.
- Roblox server sends a GET req to the node
- Node looks at request to see if there are any messages for the bot.
- If there are messages, the bot finds the message via a channel ID and message ID.
- If both IDs are valid, and the message is retrieved, the bot will edit its message with response text.
- After message is processed, if there is a ban in the queue from the discord bot, it will get passed as a response to the GET request.
- Roblox then processes the information retrieved from the server and bans people.
You could send all the false requests to the node server you want, but the only thing the node server takes in from the web is simple text in the form of an error from the Roblox server, and if the server is not expecting any information, the request is ignored.
2 Likes
Does the bot have a roblox group ranking feature?
1 Like
Doesn’t seem to work for me, sadly.
Edit: Never mind, I never made a bot and messed up one of the settings.
The doesn’t really work.
It’s gone offline now and it wouldn’t unban
1 Like
If you ban yourself, change the datastore key to unban yourself. You cannot use the unban command unless you have more than one person in the server as the server will shut down before the request gets processed.
2 Likes
There is a problem with the bot, unban command won’t work.
Im trying to unban my self but this show in image and it still saying “Atempting to unban (User)” for ages and I’m still banned. 
1 Like
The roblox server shut down before the request if there was only you in it.
2 Likes
Honestly speaking, I think that just because of this reason the bot should store the bans itself, using SQLite or any form of DB, rather than rely on Roblox Datastore, especially considering it can get offline at times unexpectedly.
1 Like
The entire point of this system is not to do that. Here’s why:
- Keeping a bot online 24/7 without this type of structure would be against glitch ToS unless you pay $90 a year.
- The cost of the data storage would increase as your player visits increase causing you to spend even more money.
This system is basically free. The bot goes online when the game servers are offline because it relies on the game servers to store data and keep it alive. This system works best for games that have an active player base.
@Pagbilaowins_YT Make sure someone is in the game who isnt banned and then do the unban command. If you cant do that then change the datastore key from MAIN1 to MAIN2
3 Likes
I set this bot up for you already, this is the it we are currently using.
1 Like
I know, it’s just stopped responding to all commands in the discord, it should be linked to Bot Controls and maybe I have the prefix wrong idk
1 Like
When I used it I had to re-mount another project until it woudn’t error with “body-parse”.
I still don’t know why that kept on happening
1 Like
The Bot won’t work if it’s online. You can fix this by opening glitch I think.
1 Like