Security
Configure verification, anti-bot, anti-spam, and anti-nuke protection
Introduction
The Security configuration file (security.json) manages server protection features including member verification, bot protection, spam prevention, and anti-nuke systems.
Verification
Member verification system to ensure users are human before accessing your server.
roles_to_remove
Type: Array of Strings
Roles removed after successful verification.
verification: {
roles_to_remove: ["123456789012345678"],
}Typically used to remove an "unverified" role.
roles_to_add
Type: Array of Strings
Roles granted after successful verification.
Typically used to grant a "member" role that unlocks server access.
automatic_verification
Type: Boolean
Auto-verify returning members.
When true: Users who previously verified are automatically verified on rejoin
When false: Users must verify again after rejoining
minimum_account_age
Prevent new/alt accounts from verifying.
enabled - Whether to enforce minimum account age (Boolean)
age - Required account age in format "<months>mo <days>d" (String)
Examples:
"28d"- 28 days"1mo"- 30 days"1mo 12d"- 42 days"1y 11mo 2d"- 692 days
user_join_activity
Temporarily disable verification during bot raids.
enabled - Whether to monitor join activity (Boolean) max_joins_per_minute - Maximum joins allowed before triggering (Number) disabled_for - How long to disable verification when triggered (String)
If more than 30 users join per minute, verification is paused for 15 minutes to prevent bot floods.
unverified_kick
Automatically kick users who don't verify.
enabled - Whether to kick unverified users (Boolean) kick_after - How long to wait before kicking (String)
Keeps your member list clean by removing users who don't complete verification.
must_be_synced
Type: Boolean
Require Minecraft account sync before verification.
Requires: Minecraft addon
Anti-Bots
Type: Boolean
Automatically kick bots added to your server.
When true: All bots (except those added by server owner) are kicked immediately
When false: Bots can be added normally
Requirement: Moderation plugin must be loaded for this feature to work.
Protects against malicious bots used for server nuking.
Message Spam
Auto-enable slowmode during spam attacks.
enabled
Type: Boolean
Whether to enable spam protection.
max_messages_per_minute
Type: Number
Message threshold before triggering slowmode.
If more than this many messages are sent in a channel within one minute, slowmode is applied.
slowmode
Type: String
Slowmode interval to apply.
Users can only send one message per 10 seconds when triggered.
duration
Type: String
How long slowmode stays active.
whitelisted_channels
Type: Array of Strings
Channels exempt from spam detection.
Anti-Nuke
Prevent server destruction by monitoring destructive actions.
enabled
Type: Boolean
Whether to enable anti-nuke protection.
violations
Type: Object
Point values for different actions.
Each action adds points to a user's violation score. The score resets every 15 minutes.
max_vls
Type: Number
Maximum violation points before action is taken.
When a user reaches this score within 15 minutes, their roles are removed.
whitelisted_users
Type: Array of Strings
User IDs exempt from anti-nuke.
whitelist_bots
Type: Boolean
Exempt bots from anti-nuke monitoring.
When true: Bot actions don't count toward violations
When false: Bots are monitored
notification
Warn users before taking action.
enabled - Whether to send warnings (Boolean) vls - Violation threshold for sending warning (Number)
When a user reaches 10 violations, they receive a notification warning them to stop.
Complete Configuration Example
Here's a production-ready security configuration:
Last updated