♖ServerDefence♖ | Protect account & Block commands & Perms checker & Mod/Client detector &DiscordBot

♖ServerDefence♖ | Protect account & Block commands & Perms checker & Mod/Client detector &DiscordBot -----

Protect your server and admin accounts from hacking

ServerDefence

⚠ProtocolLibrary required for versions below 1.13⚠

------------------------FEATURES-------------------------

♖Prevent login to admin accounts

Protect your account from hackers

Just write this:
/sd setPlayer [name] [public ip]

That's it! This command adds the player to the admin list. Every time this player log in, plugin checks his IP address and kicks him if he has different from saved.

usually IP address changes after final dot ( 123.123.123.xxxx ), of course If
you are not connecting every day to the different internet provider.

Knowing that, I have implemented possibility to enter part of an IP address

examples:
/sd setPlayer [name] 123.113.212
/sd setPlayer [name] 123.143
/sd setPlayer [name] 153

Plugin will only check part of an IP address you entered
Attention! The best way to protect account is to enter whole IP address

♖Permission protection

Every time the player performs a command, ServerDefence checks his permissions and whether he has an OP.
Also, per 10 ticks plugin asynchronously checks permissions of all players currently online

Player (who wasn't added to the admin list) will be kicked if he is the OP or has the permission added to the PermsCheker.permissions list

Permissions that plugin checks can be customized in config.yml

This feature saved my project uncountable amount of times, because if you have a vulnerability, that can be used to get admin permission, hacker won't be able to take a benefit from it

♖Disable dangerous commands

Insert all dangerous commands to the blocked_cmds.yml
(don't forget to enable CommandBlocker in config.yml)

If you want, you can block specific argument of a command
( '//we calc' will block calc argument of the command /we)

You can even specify the permission, which the player will require to execute the command

♖Disable syntax

ServerDefence can also disable all commands that has this symbol: ':'

Easily!

Add a command to the FixSyntax.whitelist_cmds in config file
FixSyntax:
whitelist_cmds:
- /serverdefence

♖Block command suggestions (TAB)

You can remove command from the minecraft commandSuggestion list.
To do that, u need to enable TabBlocker in config.yml and add the command to the tab_blocked-cmds.yml

Moreover, you can remove command from commandSuggestion list if a player doesn't have permission you specified

Once, my project was hacked via commandSuggestion vulnerability, that crashes my server.
aaaand I just added command the hacker used to the tab_blocked-cmds.yml

♖Popular Mods/Clients detector

Currently working Client detections:

fabric
forge
liteLoader
rift
winterWare
vape
hyperium
pixelClient
lunarClient
emc

Currently working mods detections:

schematica
5zig
betterSprinting
worldDownloader

If plugin doesn't detect one of these mods/Clients please contact me, before posting a review

♖DiscordBot

You can use that feature to add a two factor authentication and easily change your admin IP via discord.
How does it work?

If feature is activated, admin has to complete simple verification by executing DiscordBot command /verify in a guild with that bot.
Every time admin log in, he has to confirm that it is him via discord by pressing a button which bot will send automatically.

Commands:
/verify
/unverify
/set_ip
/current_ip
Setup:

Setup your bot here https://discord.com/developers/applications and add it to your discord guild
In config DiscordBot.active set to true
Paste in token of your bot in config (DIscordBot.bot_token)
Paste in id of the guild where you added your bot (DIscordBot.guildID)
Paste in id of the guild role which you want to allow to execute commands of the bote (DIscordBot.admin_ds-role)
Start your server and enjoy ^_^

It is a new feature and may contain problems. If you find any error or have an idea, please contact with me

♖Other

- UUID Spoof fix
- Login to the already online account fix

----------------------INSTALLATION---------------------

1) FOR VERSIONS BELOW 1.13 install ProtocolLibrary plugin, if you don't have it

2) install .jar file into the /plugins folder, then start/restart server

3) add your account to the admin list:

/sd setPlayer [nickname] [public IP]
Get your public IP: http://checkip.amazonaws.com/

Now you can setup plugin however you want

-----------------------------INFO-----------------------------

I 'm planning to add:

✅ Mods disabler (WorldDownloader, Schematica etc)
✅Cheat clients detector
✅DiscordBot
Packets checker

If you have any question/suggestion or found an issue:
Discord guild: https://discord.gg/R2Wk5ZRXxp

All Commands:

/sd reload - reload plugin files

/sd setPlayer [nickname] [public IP] - adds player to the admin list, or updates IP if a player is already added to the list

/sd removePlayer [nickname] - removes player from admin list

/sd adminList - shows list of admin players

Permissions:

serverDef.admin - allows player to use all commands of this plugin and bypass Client/mod blocker
serverDef.bypass.modBlocker.{CLIENT/MODE_TYPE} - allows player to use client or mode

Preview config file:

Code (YAML):

metrics : true
#Prevents login to the admin account
CheckIPOnJoin : true
#Kicking of players with unauthorized OP
KickUnauthorizedOp : true
#Blocks commandSuggestion if command is added to the tab_blocked-cmds.yml file
TabBlocker : true
#Blocks command if it is added to the blocked-cmds.yml file
CommandBlocker : true
#Checks whether nickname of a player is linked to a UUID the player has
#If uuid is linked to a different name -> kicks the player
#Useful in cracked servers, in order to fix UUID vulnerabilities
UUIDSpoofFix : true
#Discord bot settings
DiscordBot:
active : false
guildID : your_guild_id
bot_token : your_bot_token
admin_ds-role : id_of_the_role_which_is_allowed_to_use_commands
cmds-on-login :
- deop {player }
cmds-on-verify :
- op {player }
#Permissions which are not allowed for non-admin account
PermsChecker:
active : true
permissions :
- '*'
- server_defence.admin
#Disable all commands containing ':' symbol
FixSyntax:
active : true
whitelist-cmds :
- /serverdefence

modsBlocker:
fabric:
enabled : true
punishment :
- kick {player } &cFabric usage detected
forge:
enabled : true
punishment :
- kick {player } &cForge usage detected
liteLoader:
enabled : true
punishment :
- kick {player } &cLiteLoader usage detected
rift:
enabled : true
punishment :
- kick {player } &cRift usage detected
winterWare:
enabled : true
punishment :
- kick {player } &cWinterWare usage detected
vape:
enabled : true
punishment :
- kick {player } &cVape usage detected
hyperium:
enabled : true
punishment :
- kick {player } &cHyperium usage detected
pixelClient:
enabled : true
punishment :
- kick {player } &cPixelClient usage detected
lunarClient:
enabled : true
punishment :
- kick {player } &cLunarClient usage detected
emc:
enabled : true
punishment :
- kick {player } &cEmc usage detected
schematica:
enabled : true
5zig:
enabled : true
betterSprinting:
enabled : true
worldDownloader:
enabled : true

Preview lang file:

Code (YAML):

prefix : '&7 [&4ServerDefence&7 ] '
console_only_cmd : '&cCommand is blocked'
kick_permission : '&cYou are not allowed to have these permissions!'
kick_op : '&cYou are not allowed to have OP!'
kick_already_online : '&cPlayer with your nickname is already connected'
kick_different_ip : '&cThis account is protected'

Preview blocked-cmds and tab_blocked-cmds file:

Code (YAML):

cmds :
- /?
- /help
- /about
- /ver
- /pl
- /plugins
- /op
- /deop
- /save- all
permission-only:
admin :
- /kick

View on SpigotMC

Resource Information

Author:

----------

Total Downloads: 1,996

First Release: Mar 3, 2022

Last Update: Dec 28, 2022

Category: ---------------

All-Time Rating:

9 ratings

Version -----

Released: --------------------

Downloads: ------

Version Rating:

----------------------

-- ratings