Got it, let's break down how to set up your development worldserver to connect to your production authserver, and lock it down so only accounts with security level >1 (admins or senior GMs) can access it. I'll cover both auth-level restriction (the cleanest approach) and a worldserver-level fallback for extra safety.

Step 1: Configure Dev WorldServer to Connect to Production AuthServer #

First, make sure your dev worldserver can talk to your production auth system properly:

1. Open your dev worldserver's worldserver.conf file
2. Update the LoginDatabaseInfo line to point to your production auth database:

   LoginDatabaseInfo     = "PRODUCTION_AUTH_DB_IP;3306;DB_USERNAME;DB_PASSWORD;acore_auth"
   

   Replace the placeholders with your actual production database details (IP, username, password, etc.).
3. Verify AuthServerPort matches the RealmServerPort in your production authserver.conf (the default is 3724)
4. Add your dev worldserver to the production auth's realmlist table:
   • Run this SQL query on your production acore_auth database:

     INSERT INTO realmlist (name, address, port, icon, realmflags, timezone, allowedSecurityLevel)
     VALUES ('Dev World Server', 'YOUR_DEV_WORLDSERVER_IP', 8085, 1, 0, 1, 2);
     

     The allowedSecurityLevel field here will be critical for our access restriction later.
5. Restart both your production authserver and dev worldserver to apply these changes.

Step 2: Restrict Access to Accounts with Security Level >1 #

AzerothCore uses clear security level tiers for accounts:

• 0: Regular player
• 1: Basic GM
• 2: Administrator
• 3: Highest-level admin

Option 1: AuthServer-Level Restriction (Recommended) #

This method hides the dev realm entirely from unauthorized users, which is the cleanest approach:

1. On your production auth database, update the allowedSecurityLevel value for your dev realm in the realmlist table:

   UPDATE realmlist SET allowedSecurityLevel = 2 WHERE name = 'Dev World Server';
   

   This sets the minimum required security level to 2, meaning only accounts with level >1 (2 or 3) can see and connect to the dev realm.
2. Restart your production authserver to make the change take effect.

Option 2: WorldServer-Level Fallback (Extra Safety) #

If you want an extra layer of protection (e.g., if auth restrictions ever fail), add a check in the worldserver code to kick unauthorized users immediately on login:

1. Open src/server/game/Player/Player.cpp in your AzerothCore dev repository
2. Find the Player::Login function, and add this code right after the session security level is retrieved:

   // Block accounts with security level <=1 (regular players + basic GMs)
   AccountTypes accountSecLevel = GetSession()->GetSecurity();
   if (accountSecLevel <= SEC_GM) {
       GetSession()->KickPlayer();
       return false;
   }
   

3. Recompile your dev worldserver and restart it. Now any user with security level 0 or 1 will be kicked instantly if they somehow manage to connect.

Important Notes #

• Make sure your production MySQL server allows incoming connections from your dev worldserver's IP (grant access with GRANT ALL ON acore_auth.* TO 'DB_USER'@'DEV_WORLDSERVER_IP' IDENTIFIED BY 'DB_PASS';)
• If your dev and production servers are on separate networks, ensure ports 3724 (auth-world communication) and 8085 (player-world communication) are open in firewalls
• For code modifications, consider creating a custom module instead of editing core files directly—this makes future core updates much easier

内容的提问来源于stack exchange，提问作者Squeezee