This is thread intended for advices, tips, security questions and answers related to servers ...
irrelevant posters receive infraction, so don't post unless You on subject
it's now fully recomended to use BattlEye even on closed community / passworded servers (due to additional layers of protection)
ATTENTION! Warning to All Admins!
Emergency Responder to Event OMFGBBQFAIL#65535: http://dev-heaven.net/issues/20994
Immediately rename Your server -config= files to unique filenames!
do NOT share these filenames with anyone who is not trustable! (ideally only Yourself)
Start using custom -BEpath= immediately
More countermeasures for beserver.cfg soon(tm)!
beserver.cfg is now automatically renamed to beserver_active_[randomtext].cfg while the server is running to prevent this exploit.
move Your -profiles= , -config= and -BEpath= outside Your game/server directory
and use unique filenames (yet rename of file not possible for beserver.cfg)
use verifySignatures=2; and v2 signatures on your server
v2 signatures are supported also in ARMA 2 version 1.10+ and ARMA 2:OA 1.59+!
Use RCON from BattlEye and it's BEGUID to ban players,
forget about in-game UID (they spoofable easily and deprecated)
remove regularCheck line from your config (or comment it out by ; infront of it),
incorrect value negates the defaut setting now
if all fails then password the server up
remove reportIP from gamespy master line in config
and play only with Your trustable friends
but that sort of prevents the public reach it ...
note: this is WIP topic, so any text is subject for change w/o warning