By default, the Southnode Game Server Instance for ARMA3 enables addon signature verification, meaning that clients cannot connect if they are using mods not allowed by the server. This is a cheating protection. How do we set this up? I'm glad you asked!
How to...
To permit mods, the relevant .bikey file needs to be added to the keys directory in the server base directory. For mods installed on your server that clients are also intended to use, copy the .bikey files from the keys directory inside each mod directory. Also add the .bikey files of other mods (eg client-only mods) that you wish to allow. If you wish, your Game Server Instance can do this automatically for you for any mods listed in “Load Mods” by enabling the “Manage Bikeys” setting located within the ARMA Server Settings menu:
If enabled, the bikey files for each of the mods specified in Load Mods and Client Mods will be copied to the 'keys' directory when you start your server, to enable addon signature verification for said keys. All existing bikeys in that directory (other than the default 'a3.bikey') will be deleted upon start to ensure only the correct keys are added.
Alternatively, you can disable “Addon Signature Verification” within this same menu, although this is not recommended. Doing so means that anyone can join your server regardless of whether they have the correct mod version and keys installed - this means that potentially you could have players able to do things they shouldn't.
Further Reading
First-time Setup of your ARMA3 Dedicated Server
How to load Mods on your ARMA3 Dedicated Server
