What ports did you open on your firewall?

Also, check out ...

"sv_setsteamaccount" and related ...

https://gtm.steamproxy.vip/dev/managegameservers

sv_setsteamaccount : did that
port 22 port 80 and port 27015

Originally posted by Mike:

sv_setsteamaccount : did that
port 22 port 80 and port 27015

You really shouldn't open ports 22 and 80 to the outside world. It makes your IP address kinda a "hacker magnet" for "bad actors" in "hostile nations" (troublemaking a**holes who just wanna steal access to your computer to do bad things with it) and no game server should ever require those two ports (ssh and web) to be open to the outside world, even if it uses them on your local network (for you to manage the game server or whatever).

Originally posted by Mike:

hetzner server

Would not recommend this company...
I KNOW ( believe me, I SAW it! ) that TONS of people online "recommend" this company - but there's a considerable amount of drawbacks with it, many of which would be considered extreme NONO to MOST people who value their time / money / sanity, and you may not find about many of them until you are already "invested in it" months down the line... ( full hook and sinker... )
Their PR and legal teams tend to aggressively shove any public criticism under the carpet, so a lot of ordinary people don't even know until they THEMSELVES find out...

It's basically this:
https://i.kym-cdn.com/photos/images/original/001/399/017/ee1.png

But alas...

You probably already checked this in your debug workflow, but just in case:
you DO have a Token set up for your server... right?...

Do you mind showing the exact command you start the server with ?
( ofc censor the token if it's there! )

You probably already know these, but in case you don't, here:
https://wiki.teamfortress.com/wiki/Dedicated_server_configuration

https://wiki.teamfortress.com/wiki/Windows_dedicated_server

https://wiki.teamfortress.com/wiki/Linux_dedicated_server#Ports

By the way, which appid is your server?
Asking for no reason in particular...

Originally posted by Bloo Alien:

Originally posted by Mike:

sv_setsteamaccount : did that
port 22 port 80 and port 27015

You really shouldn't open ports 22 and 80 to the outside world. It makes your IP address kinda a "hacker magnet" for "bad actors" in "hostile nations" (troublemaking a**holes who just wanna steal access to your computer to do bad things with it

No offence!
But...
This is a horrendous misrepresentation of what is ACTUALLY happening - I see this getting reiterated over and over and over again like a sh*tty game of "telephone"... it's a notion based on exceptionally dated information and mindset...

Here's what is actually happening:
1. "STATE ACTORS" WON'T go after your game server. It costs MONEY ( insert Dutch van Der Linde quotes here :P ) to go after INDIVIDUALS, and going after someone's game server would not only be a waste of money, it would actually be counterproductive.


2. Script kiddies who hardly know what they are doing MIGHT want to go after your server "just for the thrill".
But they WON'T "just randomly stumble upon it" - they would need to know the IP address...
Which in practise limits this attack vector to some random kids who got a grudge after a lost match ( on your server ), googled Wireshark, and got your IP through it.
Those kids can also TRY to DoS your server...

( by the way: those exact same kids can very quickly transition you to the FAFO part of WHY I, and many many MANY others recommend AGAINST using Hetzner... )


3. You should largely IGNORE 1 and 2.
What is the biggest cause for concern is something else entirely for you:
Almost NOONE out of "your ordinary Joe using a computer", and even many people IN IT don't know this either - but - there are THOUSANDS of AUTOMATED scripted scanners running 24/7 scanning the ENTIRE internet for open ports.
This is NOTHING to do with "you SPECIFICALLY" - no - this is nothing personal.
They look for open ports, ANY open ports - doesn't matter whose.

There are even websites which then list the information on the open ports for all this gathered info from the scans.

One such website starts with an "S" - I'm not sure if naming or linking it would be in accordance with Steam's forum rules ( tbh this IS a grey area ) - so I won't...
If your server has ANY port open - there's more than 90 % chance it wil be shown on this website - whether you like it or not.


4. If your security is configured PROPERLY, and you are upgrading your server regularly ( to minimize chance of zero days being utilised ), any "brute force attempts" will do f*ck all.
All they will do is:
A. Log spam ( about failed login attempts )

B. IF your rate limiting ( on login ) isn't configured properly: DoS for your ssh server ( making LEGITIMATE ssh connections lag, or maybe even fail to connect )

C. IF your server logging ( eg log SIZE limit, burst limits, etc ) isn't configured properly: DoS to your whole server

People won't just "magically" breach your server JUST by the server having ports open!...


5. You can virtually ELIMINATE the ssh brute force attacks by disabling password login, forcing it to use the public/private key instead.

Originally posted by Bloo Alien:

and no game server should ever require those two ports (ssh and web) to be open to the outside world, even if it uses them on your local network (for you to manage the game server or whatever)

Well first of all:
- on a VPS, you WANT to use ssh - it's generally PREFERRED over a janky VPS access console
- on a LAN server, you NEED to use ssh if your server is headless ( unless you want to use serial - which - I don't think many people would these days... )

Second, this is patently false...
Plenty of modern multiplayer games use port 80 or 443 ( or BOTH ) in SOME capacity, eg related to handshake, sometimes matchmaking, or other server logic...
If in doubt:
refer to official server documentation for given game, or if not available publicly - scour the internet for the info on the "required ports"...


Once again, no offence! No hard feelings...

Just wanted to clear up some misconceptions ^__^