RCon, or Remote Console, is a networking tcp/ip protocol introduced by Valve to define how third party applications can communicate with their game servers. These applications can be used remotely to control a server via commands. This technology is most commonly used by Game Service Providers (GSP) to allow customers who rent servers to control their rented game servers from a web interface. However there are programs, such as ARKon and Rusty, that have been made by the community to allow people to have more control of their game servers. Note that ARKon and Rusty will likely not work well with are game because they were specifically made for ARK and Rust.

We have decided to follow this protocol as closely as we possibly can to make it easy for third party's to create applications to communicate with our game servers. Some other games have their own versions of RCon such as, Rust, Minecraft, ARK, and of course some, if not all, valve source games such as Garry's Mod and Team Fortress 2.

1. Navigate to your server files.
   
2. Ensure you have run Server.exe at least once to generate the configuration files.
   
3. Open Configuration/ConsoleSettings.cfg with a text editor.
   
4. Under the Remote Console section find:
   
   enableRCon = 'False'
   and change it to:
   
   enableRCon = 'True'
5. It is highly recommended to use a password for your rcon server.
   You can do so by changing:
   
   rConPassword = ''
   to:
   
   rConPassword = 'YOUR_PASSWORD'

If you have multiple servers running on a single computer, change the rConPort accordingly.

Now you should be able to connect with an RCon client to the server console.

Below this section are all of the technical information you would need to develop your own RCon application for our server.
In the next sections we will:

• be going over what commands you should use to communicate with the RCon server,
  
• further explain what the RCon protocol is,
  
• reiterate the authentication process for RCon,

Here are a set of commands supported by our RCon server. These commands should not be used by the end user but instead used by your application to tell the RCon server what to do. For example,

The RCon protocol defines how the server and client communicate. The protocol describes how packets should be structured, how to process an authentication request, what the packet types are, and more.

We encourage you to check Valve's RCon documentation out for yourself before continuing.
Source RCon Protocol

Instead of explaining the RCon protocol again, we are going to explain some of the minor things we did differently and some of the things you should do differently.

Authentication is the process in which a client is decided to be allowed or not allowed to connect to the server. The first packet a client sends will be an authentication packet. This packet contains the password entered by the client user.

The main thing we have changed here is to add support for a variety of hashing algorithms to protect the client user from packet sniffing attacks. You can simply hash the users password as plain text or add a SALT to the password and then hash the password.

A salt is a set of randomly generated characters and symbols that is appended to the end of the client user's password before it is hashed and sent to the server. A salt is used to protect against rainbow table attacks. This is where someone can pre-hash common words and password into a database and then compare your hashed value to find the client user's plain text password. Since a salt is appended to the password. It's pretty much impossible for them to pre-hash the password and the randomly generated salt.

To enable the salt feature you must separate the hashed password and the salt in the authentication packet with a byte of 0 (null string).

The packet would look like this:

• MD5[en.wikipedia.org]
  
• SHA-1[en.wikipedia.org]
  
• SHA-256[en.wikipedia.org]
  
• SHA-384[en.wikipedia.org]
  
• SHA-512[en.wikipedia.org]

Since the max packet size is 4096, as defined by Valve, if you want to send more data then that you will need to send multiple packets.

Valves works around this by having the client send an invalid packet to the server after sending the command packet. Since the server always responds to packets, the client can tell when it has received all of the response packets from the server when the client receives an empty response packet. The source server will also send a packet to indicate an invalid packet was received.

We find this approach confusing and unnecessary. Instead we prefer to determine if there are multiple packets by instead looking at the size of the packet. If the packet size is exactly the maximum allowed packet size of 4096, we assume there is another packet after it.

However, this creates a problem. What happens if you receive a packet who's body is exactly 4096 in size? To solve this problem we simply send another empty packet indicating that it was the last packet.

It's important to note that Valves work around will still work. However, it is encouraged you use our method instead because it allows for clients and the server to both send multiple packets to each other and is less complex.

What we mean by Continuous Connection is that the client doesn't close it's tcp connection until it is ready to stop being connected. This is normally used by applications run on operating systems. A continuous connection allows the server to send packets to the client without entering a command. Essentially, the server can send commands with log and chat information to the client, as soon as it is created by the game server.

However web clients cannot keep a constant connection. Instead web clients will connect to the server, send a packet, receive a response, then disconnect. This means they would have to perform a command (/getlog) repetitively to receive chat and logs from the server.