Originally created for AlfheimMC - the server I code for, MonkeyShield was designed to protect the server against some bad players who had been constantly causing server lags and even crashes, mostly by casting commands they could not access, but the plugins that handled those commands were quite buggy (MV's regexp parser recursion leak for instance).

Someone from staff mentioned that those "bad guys" were probably friends of his from another server, "acting like monkeys". Well I liked the term so much that it made to the plugin name.




All my plugins depend on my core plugin BitBase.
BitBase should be downloaded and added to the plugins folder for MonkeyShield to work.

You can find BitBase on this link.

Important: Always match the minor version number with BitBase's.
For instance, in order to use MonkeyShield 1.18.2.X, you should use the latest BitBase version starting in "1.18.2." .





Base command: /monkeyshield , or /ms for short.
Requires the permission node monkeyshield.command (granted by default)

/ms
/ms help
Lists all available functions, along with a brief description of each one.

/ms reload
Reloads the configuration, applying the new settings instantly.

/ms monitor on|off|list
Toggles the monitor mode on/off, or lists current monitors.
When enabled, it will show broadcast to all monitors any important events that occur, like attempts to using a restricted command, or censored chat messages.

/ms debug on|off|list
Toggles the debug mode on/off, or lists current debug players.
Intended to be used as a bug-catcher feature.




monkeyshield.use.command. XXX
Grants access to the XXX command.
Probabaly needless to say, but replace XXX by any command you wish to grant access to.

Main permissions for Staff members and Admins:
monkeyshield.staff
Grants staff-level access to the plugin.
Includes permissions nodes:

• monkeyshield.command
• monkeyshield.command.monitor
• monkeyshield.bypass.*

monkeyshield.admin
Grants full access to the plugin.
Includes permissions nodes:

• monkeyshield.command
• monkeyshield.command.*
• monkeyshield.bypass.*

Individual permission nodes:
monkeyshield.command
Grants access to the base command /monkeyshield or /ms.
Granted to everyone by default.

monkeyshield.command.*
Grants access to the all command actions.

monkeyshield.command.help
Grants access to the help action.
Granted to everyone by default.

monkeyshield.command.reload
Grants access to the reload action.

monkeyshield.command.monitor
Grants access to the monitor action.

monkeyshield.command.debug
Grants access to the debug action.

monkeyshield.bypass.*
Bypasses both the command and chat filters.

monkeyshield.bypass.command
Bypasses the command filter.

monkeyshield.bypass.chat
Bypasses the chat filter.




The default config.yml file is well commented, and should be explaining the use of each setting:

Code (YAML):

ignore :

  # Standard commands that will always be ignored by the plugin, thus available to players if any plugin implements them
  commands :
  - rules
  - plugins
  - pl
  #- ver

  # These commands will be globally allowed, not to break the active texts containing commands
  # (like those sent as active messages by Towny)
  # They will not be available on the tab-completion, however they
  # will not be intercepted either by the command shield layer.
  full-commands :
  - 'towny:confirm'
  - 'towny:accept'
  - 'towny:town'

  # Add here a list of the UUID of players who you want to completely bypass the plugin protections.
  players : [ ]

replace-text :
  # Text replacements using Regular Expressions, to avoid vulnerabilities or any censorship you want to apply.
  # Follow the format:
  #   Key:
  #     from: 'here goes a regex of what should be replaced'
  #     to: 'this will be the replacement text'
  Log4J Vulnerability:
    from : '\\$\\ {jndi: (?:ldap|rmi ):// [^ } ]+\\ }'
    to : '***'
  PlaceholderAPI:
    from : '\\$\\ { [^ } ]+\\ }'
    to : '***'

messages :
  # This message will be replied to any attempt of using a blocked command.
  # By default we'll be using the standard "type help" message, so that players will not suspect that those
  # commands even exist on the server.
  unknown-command : Unknown command. Type "/help" for help.
 

The following placeholders are currently available:

%ms_bypass_command%
Shows 1 when the player has the command bypass.

%ms_bypass_chat%
Shows 1 when the player has the chat bypass.

%ms_has_XXXXX%
Shows 1 when the player has access to the command XXXXX.