# Security

## <mark style="color:blue;">Introduction</mark>

The Security configuration file (`security.json`) manages server protection features including member verification, bot protection, spam prevention, and anti-nuke systems.

***

## <mark style="color:blue;">Verification</mark>

Member verification system to ensure users are human before accessing your server.

### <mark style="color:yellow;">roles\_to\_remove</mark>

**Type:** Array of Strings

Roles removed after successful verification.

```json
verification: {
    roles_to_remove: ["123456789012345678"],
}
```

Typically used to remove an "unverified" role.

***

### <mark style="color:yellow;">roles\_to\_add</mark>

**Type:** Array of Strings

Roles granted after successful verification.

```json
roles_to_add: ['804354037662220289']
```

Typically used to grant a "member" role that unlocks server access.

***

### <mark style="color:yellow;">automatic\_verification</mark>

**Type:** Boolean

Auto-verify returning members.

```json
automatic_verification: false
```

**When `true`:** Users who previously verified are automatically verified on rejoin\
**When `false`:** Users must verify again after rejoining

***

### <mark style="color:yellow;">minimum\_account\_age</mark>

Prevent new/alt accounts from verifying.

**enabled** - Whether to enforce minimum account age (Boolean)\
**age** - Required account age in format `"<months>mo <days>d"` (String)

```json
minimum_account_age: {
    enabled: true,
    age: "30d",
}
```

**Examples:**

* `"28d"` - 28 days
* `"1mo"` - 30 days
* `"1mo 12d"` - 42 days
* `"1y 11mo 2d"` - 692 days

***

### <mark style="color:yellow;">user\_join\_activity</mark>

Temporarily disable verification during bot raids.

**enabled** - Whether to monitor join activity (Boolean)\
**max\_joins\_per\_minute** - Maximum joins allowed before triggering (Number)\
**disabled\_for** - How long to disable verification when triggered (String)

```json
user_join_activity: {
    enabled: true,
    max_joins_per_minute: 30,
    disabled_for: "15m",
}
```

If more than 30 users join per minute, verification is paused for 15 minutes to prevent bot floods.

***

### <mark style="color:yellow;">unverified\_kick</mark>

Automatically kick users who don't verify.

**enabled** - Whether to kick unverified users (Boolean)\
**kick\_after** - How long to wait before kicking (String)

```json
unverified_kick: {
    enabled: false,
    kick_after: "30m",
}
```

Keeps your member list clean by removing users who don't complete verification.

***

### <mark style="color:yellow;">must\_be\_synced</mark>

**Type:** Boolean

Require Minecraft account sync before verification.

```json
must_be_synced: false
```

**Requires:** Minecraft addon

***

## <mark style="color:blue;">Anti-Bots</mark>

**Type:** Boolean

Automatically kick bots added to your server.

```json
anti_bots: false
```

**When `true`:** All bots (except those added by server owner) are kicked immediately\
**When `false`:** Bots can be added normally

{% hint style="warning" %}
**Requirement:** Moderation plugin must be loaded for this feature to work.
{% endhint %}

Protects against malicious bots used for server nuking.

***

## <mark style="color:blue;">Message Spam</mark>

Auto-enable slowmode during spam attacks.

### <mark style="color:yellow;">enabled</mark>

**Type:** Boolean

Whether to enable spam protection.

```json
message_spam: {
    enabled: true,
}
```

***

### <mark style="color:yellow;">max\_messages\_per\_minute</mark>

**Type:** Number

Message threshold before triggering slowmode.

```json
max_messages_per_minute: 30
```

If more than this many messages are sent in a channel within one minute, slowmode is applied.

***

### <mark style="color:yellow;">slowmode</mark>

**Type:** String

Slowmode interval to apply.

```json
slowmode: "10s"
```

Users can only send one message per 10 seconds when triggered.

***

### <mark style="color:yellow;">duration</mark>

**Type:** String

How long slowmode stays active.

```json
duration: "15m"
```

***

### <mark style="color:yellow;">whitelisted\_channels</mark>

**Type:** Array of Strings

Channels exempt from spam detection.

```json
whitelisted_channels: ["804354119523500082"]
```

***

## <mark style="color:blue;">Anti-Nuke</mark>

Prevent server destruction by monitoring destructive actions.

### <mark style="color:yellow;">enabled</mark>

**Type:** Boolean

Whether to enable anti-nuke protection.

```json
anti_nuke: {
    enabled: false,
}
```

***

### <mark style="color:yellow;">violations</mark>

**Type:** Object

Point values for different actions.

```json
violations: {
    member_ban: 5,
    member_unban: 3,
    member_kick: 3,
    member_prune: 14,
    channel_delete: 2,
    channel_create: 1,
    role_delete: 2,
    role_create: 1,
    message_delete: 1,
    message_bulk_delete: 5,
    emoji_delete: 2,
    webhook_create: 5,
    webhook_delete: 3,
}
```

Each action adds points to a user's violation score. The score resets every 15 minutes.

***

### <mark style="color:yellow;">max\_vls</mark>

**Type:** Number

Maximum violation points before action is taken.

```json
max_vls: 15
```

When a user reaches this score within 15 minutes, their roles are removed.

***

### <mark style="color:yellow;">whitelisted\_users</mark>

**Type:** Array of Strings

User IDs exempt from anti-nuke.

```json
whitelisted_users: ['707336356786864211']
```

***

### <mark style="color:yellow;">whitelist\_bots</mark>

**Type:** Boolean

Exempt bots from anti-nuke monitoring.

```json
whitelist_bots: true
```

**When `true`:** Bot actions don't count toward violations\
**When `false`:** Bots are monitored

***

### <mark style="color:yellow;">notification</mark>

Warn users before taking action.

**enabled** - Whether to send warnings (Boolean)\
**vls** - Violation threshold for sending warning (Number)

```json
notification: {
    enabled: true,
    vls: 10,
}
```

When a user reaches 10 violations, they receive a notification warning them to stop.

***

## <mark style="color:blue;">Complete Configuration Example</mark>

Here's a production-ready security configuration:

```json
{
    config: {
        verification: {
            roles_to_remove: [],
            roles_to_add: ['804354037662220289'],
            automatic_verification: false,
            minimum_account_age: {
                enabled: true,
                age: "30d",
            },
            user_join_activity: {
                enabled: true,
                max_joins_per_minute: 30,
                disabled_for: "15m",
            },
            unverified_kick: {
                enabled: false,
                kick_after: "30m",
            },
            must_be_synced: false,
        },

        anti_bots: false,

        message_spam: {
            enabled: true,
            max_messages_per_minute: 30,
            slowmode: "10s",
            duration: "15m",
            whitelisted_channels: [],
        },

        anti_nuke: {
            enabled: true,
            violations: {
                member_ban: 5,
                member_kick: 3,
                channel_delete: 2,
                role_delete: 2,
                message_bulk_delete: 5,
                webhook_create: 5,
            },
            max_vls: 15,
            whitelisted_users: ['707336356786864211'],
            whitelist_bots: true,
            notification: {
                enabled: true,
                vls: 10,
            },
        },
    }
}
```


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.iynxdev.com/configuration-files/security.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.