NOTE : IF the current version doesn't work... try a version from the version history. https://blackspigot.com/downloads/m...rver-antibot-anticrash-1-7-1-13.12239/history
What is CasualProtector?
#printing all sent packets by player and their values like integers, items, strings etc..
debug-mode: false
nbthelper:
enabled: true
block-address-if-invalid: true
anti-uuid-spoof:
enabled: true
logged-from-another-location:
block: true
hacked-items:
block: true
sign-exploit:
block: true
world-edit-exploit:
block: true
block-place-listener: true #if you are running on spigot 1.13 please turn it off it may cause errors in console
chunk-cleaner: true
ping:
enabled: false
limit: 1200 #if player's ping is bigger than 1200 he will be kicked
check-tps-before: true #checking server's tps before kicks player, when server has lag or something like this player will be not kicked
too-many-items:
enabled: false
limit: 1000 #if there is dropped more than 1000 items on ground they will be removed
arm-animation:
enabled: true
timestamp: 650 #in milliseconds (1000 = 1 second in 1.10-1.13 it's automatically disabled because server adds this patch it itself)
block-payload-book-edit:
enabled: true
block-fully: false #will block editing/signing book without checking nbt
deserialize: true #if you want to make players able to edit and sign book change it to true and change block-fully to false
window-click:
advanced-deserialization: true
max-similar-pages: 10
invalid-chars:
#block invalid chars (another than english etc. (e.g china chars, larger than 1 bit)
enabled: true
cancel-only-when-count-bigger-than: 20
#plugin will skip those chars.. (they are not checked)
skipped:
- '§'
payload:
register-limit: 13 #limit per 60 seconds, if exceeded, player will be kicked
packet-limitter:
enabled: true
move-limit-enabled: true
move-limit-per-sec: 450
move-too-big-difference-kick: true
#if player exceed this limit in X seconds he will be kicked
limit: 750
#current sent player packets' amount will be set to 0 after this time
cache-seconds: 1
#if plugin kicks normal players please change it to synchronized
#type: synchronized
#type: cache
type: synchronized
block:
big-position: true #for creative/vanilla servers
fully-book: false #if player clicked in book he will be kicked from the server (without checking nbt) (book may has too big nbt, it is using for lagging servers)
hopper-creative-crasher: false
buffer-overflow: true
#kicks player if try to use wdl or forge
wdl: true #world downloader
forge: true #forge mod
proxy: true #if channel contains proxy - server kicks player (proxy is something for lagging and botting servers, and some of them sends pluginmessage with channel 'proxy')
#anti proxy/vpn
bad-ip-checkers:
ipintel:
timeout: 2500
enabled: true
query: "http://www.shroomery.org/ythan/proxycheck.php?ip={ADDRESS}"
result: "Y"
must-equal: false
limitable: false
stopforumspam:
timeout: 2500
enabled: true
query: "http://www.stopforumspam.com/api?ip={ADDRESS}"
result: "<appears>yes</appears>"
must-equal: false
limitable: false
ipapi:
timeout: 3000
enabled: true
limitable: true
#limit per one minute - if reached limit - players will be allowed to join without checking if they are using vpn (only for 1 minute)
limit: 147
allowed-countries:
- "Poland"
antibot:
last-name-length-checker:
enabled: true
sensibility: 3
#if there is more than 3 players with similar name (e.g 1723162yooniks 12732173yooniks etc, or yooniks81273172, yooniks1273127312) next connections will be not able to join.
name-similarity-checker:
enabled: true
start: 0
end: 3
max-similar-names: 3
connection-throttle:
enabled: true
#15 seconds in milliseconds
delay: 15000
#really good method for lobby servers but sometimes kicks real player
#already tested with bots - realy good blocking
#if kicking real players very often (or always) please disable it, probably your server uses another payload for getting server version and server is another than 1.8, 1.9, 1.10, 1.12 and 1.13
channel-verification:
enabled: true
#you can switch it false if it kicks real players so they will be able to rejoin
block: false
max-accounts-per-ip:
enabled: true
amount: 2 #if there is more players than set at the server with the same ip the next connection will be disconnected
#if player is newbie he has to join second time on server because he will be kicked with reason "please join again"
two-step-verification: true
blocked-commands:
- "/plugins"
- "/bukkit
l"
- "/bukkitlugins"
- "/version"
- "/ver"
- "/bukkit:version"
- "//calc"
- "//solve"
Code (YAML):
antibot:
too-many-accounts-per-ip: You have more than %limit% accounts at this server with the same ip!
cannot-join-from-vpn: VPN/Proxy detected! (or localhost ip)
too-big-ping: 'Too big ping! (Max: {LIMIT})'
limiter:
last-name-length:
disconnect-message: '&cToo many players with similar nick are logging in.. Please
wait 10 seconds and try again.'
connection-throttle:
disconnect-message: '&cPlease wait &6{SECONDS}s &cbefore next join!'
similar:
names:
disconnect-message: '&cOn the server are already too many players with similar
nickname! Please change your nickname..'
double-join: You are verified now, join to server again!
too-many-names: There are to many players with the same nick! Change your nickname and try join again!
v1:
kickmessage: |-
&6CasualProtector: &cYou have been recognized as a bot! Your account has been blocked for &610 minutes
&cIf this is mistake, sorry
broadcast: '&6CasualProtector: &8%player% &chas been recognized as a bot and his
account is blocked now!'
prefix: '&8[&6CasualProtector&8] '
command:
no-permission: You do not have permission! (casualprotector.command)
too-many-packets: Sending too many packets! Lag or exploit?
block:
forge: You cannot join from forge!
wdl: You cannot use worlddownloader mod!
proxy: Are you proxy user?!
bedit: You cannot edit book!
invalid-chars: You have just written invalid message! Please use only english letters..
payload:
deserialize:
too-fast-bedit: You are editing book too fast!
invalid-book-data: Invalid book data!
too-many-items:
cleared: On the ground were too many items! I have just removed all to optimize server
connection-closer:
message-to-ops: '&cPlayer %player% has just tried to crash the server!'
send-message-to-ops: false
exploit:
commands-on-try:
- /ban %name% Exploiting
- /ban-ip %name% Exploiting
bypass-when-tps-under: 19.2
max-entities-on-chunk: 1000
anti-logged-from-another-location: '&6[CasualProtector] &cPlayer with that name is
already playing on this server!'
hacked-items-kick-message: '&cHacked items are not allowed on this server! Too big
enchantments or amount.'
anti-wolrd-edit-exploit-message: '&6[CasualProtector] &cYour message contains blocked
words!'
sign-exploit-message: '&cYour sign line has too many characters!'
MessagesBungee:
Code (YAML):
antibot:
vpn: "&cYou cannot join from vpn/proxies!"
vpn-enabled: true
too-many-accounts: "&cYou have more than %limit% accounts at this server with the same ip!"
double-join: "&cYou are verified now, join to server again!"
too-many-connections: "&cToo many players logging in! Please wait a few seconds.."
address-blocker-enabled: true
address-blocker-blocked: "&cThis address is blocked!"
too-many-connections-enabled: true
#between 1000 milliseconds
too-many-connections-limit: 5
too-many-connections-message: "&cThere is too many connections between 1 second! Please wait a moment and join again! Probably a bot attack detected."
pluginmessage:
proxy: "&cPlease, do not use proxy on this server!"
wdl: "&cPlease, don't use world downloader!"
forge: "&cDon't use forge, please join using normal launcher!"
register: "&cYou have just sent to many payloads with channel REGISTER try join after 60 seconds!"
AntiBot system:
TODO LIST:
- please tell me what can i add! =)
- checking all blocks' inventory (like chest, hopper etc..) and their items
some tags:
Anti Crash anty crash the best anticrash anti-crash anty anti antycrash anty-crash qprotector protector exploit fixer crash fix exploiting spoof bot antibot antybot anti-bot anty-bot ping exploitfixer skull hologram armorstand nbt book written and quill beacon customname tag packet limit captcha block address prevent players crashing server igsaw client plugin bungee spigot spigotmc bukkit sponge Block crash code in chat; Avoid writing crash code to sign; Deletes -Redacted- items in inventory; Avoid using crash code in commands; block crash on you server! anti crash anticrash anticrash anticrash anticrash antycrash anticrash antycrash anti crash anticrash anti crash jigsaw custompayload custom payload client pluginmessage packet pakiet anti logged from another location antilogged anti-logged sign exploit line lines worldedit commands calc solve // while( for(
io.netty.handler.codec.DecoderException: java.lang.IndexOutOfBoundsException: readerIndex(3) + length(49) exceeds writerIndex(17): UnpooledSlicedByteBuf(ridx: 3, widx: 17, cap: 17/17, unwrapped: PooledUnsafeDirectByteBuf(ridx: 18, widx: 18, cap: 18))
InitialHandler - encountered exception io.netty.handler.codec.DecoderException: java.lang.IndexOutOfBoundsException: readerIndex(5) + length(1) exceeds writerIndex(5): UnpooledSlicedByteBuf(ridx: 5, widx: 5, cap: 5/5, unwrapped: PooledUnsafeDirectByteBuf(ridx: 6, widx: 1024, cap: 1024))
What is CasualProtector?
- This plugin protects your server from bots, exploits (lags, crashes caused by hack-clients)
- The only thing what the plugin wants from you is install ProtocolLib (it is required for packet listening etc.)!
- I can secure your proxy (bungee) server too if you buy this plugin. Have you got errors like this: https://pastebin.com/raw/4Ur5166t in your bungee logs, and server crashes? In the downloaded file you can find bungeecord with patch for it! =)
- In the downloaded file you can find plugin (.jar file) and readme.txt where are links to download fixed bungee proxy (1.8-1.13, antiddos, blocking addresses etc) and fixed paperspigot 1.8.8 (with some patches)
- Blocks bots (a lot of ways to block bots)
- Blocks exploits, lags, crashes (are your server lagging or crashing and you don't know what is it? It can be exploit!) - nbt (book, skull, egg etc) exploits, spams, payload expoits, hacked-items, sign exploit, command exploits and much more!
- Vpn/proxy/bad ip checking (a lot of ways and configurable, you can add your own ip checking! you can set the url and result you want to get)
- Allow only specified countries to join (e.g poland or your country)
- Supports bungeecord! Are you running bungeecord? Put the .jar file to your spigot and bungeecord servers!
- Optimize lags
- Blocks mods like worlddownloader, forge etc.
- Configurable - The plugin is almost fully configurable! There are configuration files: (config.yml, messages.yml)
#printing all sent packets by player and their values like integers, items, strings etc..
debug-mode: false
nbthelper:
enabled: true
block-address-if-invalid: true
anti-uuid-spoof:
enabled: true
logged-from-another-location:
block: true
hacked-items:
block: true
sign-exploit:
block: true
world-edit-exploit:
block: true
block-place-listener: true #if you are running on spigot 1.13 please turn it off it may cause errors in console
chunk-cleaner: true
ping:
enabled: false
limit: 1200 #if player's ping is bigger than 1200 he will be kicked
check-tps-before: true #checking server's tps before kicks player, when server has lag or something like this player will be not kicked
too-many-items:
enabled: false
limit: 1000 #if there is dropped more than 1000 items on ground they will be removed
arm-animation:
enabled: true
timestamp: 650 #in milliseconds (1000 = 1 second in 1.10-1.13 it's automatically disabled because server adds this patch it itself)
block-payload-book-edit:
enabled: true
block-fully: false #will block editing/signing book without checking nbt
deserialize: true #if you want to make players able to edit and sign book change it to true and change block-fully to false
window-click:
advanced-deserialization: true
max-similar-pages: 10
invalid-chars:
#block invalid chars (another than english etc. (e.g china chars, larger than 1 bit)
enabled: true
cancel-only-when-count-bigger-than: 20
#plugin will skip those chars.. (they are not checked)
skipped:
- '§'
payload:
register-limit: 13 #limit per 60 seconds, if exceeded, player will be kicked
packet-limitter:
enabled: true
move-limit-enabled: true
move-limit-per-sec: 450
move-too-big-difference-kick: true
#if player exceed this limit in X seconds he will be kicked
limit: 750
#current sent player packets' amount will be set to 0 after this time
cache-seconds: 1
#if plugin kicks normal players please change it to synchronized
#type: synchronized
#type: cache
type: synchronized
block:
big-position: true #for creative/vanilla servers
fully-book: false #if player clicked in book he will be kicked from the server (without checking nbt) (book may has too big nbt, it is using for lagging servers)
hopper-creative-crasher: false
buffer-overflow: true
#kicks player if try to use wdl or forge
wdl: true #world downloader
forge: true #forge mod
proxy: true #if channel contains proxy - server kicks player (proxy is something for lagging and botting servers, and some of them sends pluginmessage with channel 'proxy')
#anti proxy/vpn
bad-ip-checkers:
ipintel:
timeout: 2500
enabled: true
query: "http://www.shroomery.org/ythan/proxycheck.php?ip={ADDRESS}"
result: "Y"
must-equal: false
limitable: false
stopforumspam:
timeout: 2500
enabled: true
query: "http://www.stopforumspam.com/api?ip={ADDRESS}"
result: "<appears>yes</appears>"
must-equal: false
limitable: false
ipapi:
timeout: 3000
enabled: true
limitable: true
#limit per one minute - if reached limit - players will be allowed to join without checking if they are using vpn (only for 1 minute)
limit: 147
allowed-countries:
- "Poland"
antibot:
last-name-length-checker:
enabled: true
sensibility: 3
#if there is more than 3 players with similar name (e.g 1723162yooniks 12732173yooniks etc, or yooniks81273172, yooniks1273127312) next connections will be not able to join.
name-similarity-checker:
enabled: true
start: 0
end: 3
max-similar-names: 3
connection-throttle:
enabled: true
#15 seconds in milliseconds
delay: 15000
#really good method for lobby servers but sometimes kicks real player
#already tested with bots - realy good blocking
#if kicking real players very often (or always) please disable it, probably your server uses another payload for getting server version and server is another than 1.8, 1.9, 1.10, 1.12 and 1.13
channel-verification:
enabled: true
#you can switch it false if it kicks real players so they will be able to rejoin
block: false
max-accounts-per-ip:
enabled: true
amount: 2 #if there is more players than set at the server with the same ip the next connection will be disconnected
#if player is newbie he has to join second time on server because he will be kicked with reason "please join again"
two-step-verification: true
blocked-commands:
- "/plugins"
- "/bukkit
l"- "/bukkit
lugins"- "/version"
- "/ver"
- "/bukkit:version"
- "//calc"
- "//solve"
Code (YAML):
antibot:
too-many-accounts-per-ip: You have more than %limit% accounts at this server with the same ip!
cannot-join-from-vpn: VPN/Proxy detected! (or localhost ip)
too-big-ping: 'Too big ping! (Max: {LIMIT})'
limiter:
last-name-length:
disconnect-message: '&cToo many players with similar nick are logging in.. Please
wait 10 seconds and try again.'
connection-throttle:
disconnect-message: '&cPlease wait &6{SECONDS}s &cbefore next join!'
similar:
names:
disconnect-message: '&cOn the server are already too many players with similar
nickname! Please change your nickname..'
double-join: You are verified now, join to server again!
too-many-names: There are to many players with the same nick! Change your nickname and try join again!
v1:
kickmessage: |-
&6CasualProtector: &cYou have been recognized as a bot! Your account has been blocked for &610 minutes
&cIf this is mistake, sorry
broadcast: '&6CasualProtector: &8%player% &chas been recognized as a bot and his
account is blocked now!'
prefix: '&8[&6CasualProtector&8] '
command:
no-permission: You do not have permission! (casualprotector.command)
too-many-packets: Sending too many packets! Lag or exploit?
block:
forge: You cannot join from forge!
wdl: You cannot use worlddownloader mod!
proxy: Are you proxy user?!
bedit: You cannot edit book!
invalid-chars: You have just written invalid message! Please use only english letters..
payload:
deserialize:
too-fast-bedit: You are editing book too fast!
invalid-book-data: Invalid book data!
too-many-items:
cleared: On the ground were too many items! I have just removed all to optimize server
connection-closer:
message-to-ops: '&cPlayer %player% has just tried to crash the server!'
send-message-to-ops: false
exploit:
commands-on-try:
- /ban %name% Exploiting
- /ban-ip %name% Exploiting
bypass-when-tps-under: 19.2
max-entities-on-chunk: 1000
anti-logged-from-another-location: '&6[CasualProtector] &cPlayer with that name is
already playing on this server!'
hacked-items-kick-message: '&cHacked items are not allowed on this server! Too big
enchantments or amount.'
anti-wolrd-edit-exploit-message: '&6[CasualProtector] &cYour message contains blocked
words!'
sign-exploit-message: '&cYour sign line has too many characters!'
MessagesBungee:
Code (YAML):
antibot:
vpn: "&cYou cannot join from vpn/proxies!"
vpn-enabled: true
too-many-accounts: "&cYou have more than %limit% accounts at this server with the same ip!"
double-join: "&cYou are verified now, join to server again!"
too-many-connections: "&cToo many players logging in! Please wait a few seconds.."
address-blocker-enabled: true
address-blocker-blocked: "&cThis address is blocked!"
too-many-connections-enabled: true
#between 1000 milliseconds
too-many-connections-limit: 5
too-many-connections-message: "&cThere is too many connections between 1 second! Please wait a moment and join again! Probably a bot attack detected."
pluginmessage:
proxy: "&cPlease, do not use proxy on this server!"
wdl: "&cPlease, don't use world downloader!"
forge: "&cDon't use forge, please join using normal launcher!"
register: "&cYou have just sent to many payloads with channel REGISTER try join after 60 seconds!"
AntiBot system:
- There is an accounts limit for accounts per ip (configurable) - if player exceed it his connections to server (also his bots) will be cancelled with specified reason.
- Checking last player's name length and compare it, if there were too many connections with the same name length - bots will be not able to join
- Compare half of player's name with online players' name, if them are similar - more bots will be not able to join.
- ConnectionThrottle - 1 address can connect to server every 15 seconds (very useful)
- If player name is similar to 3 other players' name he will be not able to join, e.g "1283217juniks_ 812372123juniks_, deathbot122, etc.." - the next bot will be not able to join, and bots will have to change their nicknames.
- If player is using vpn or proxies ip he will be not able to connect to the server (configurable)
- Player has to connect again to server if he is newbie (double-join) - deathbots and other bots without double-join will be not able to join
- Plugin checks first packets from player - if them are recognized as invalids - player's address are blocked from joining on server for 10 minutes
- There is a pingchecker! If player's ping is bigger than set and tps is above 19.8 he will be kicked. Often bots has very big ping so they will be kicked from the server
- Maybe firstly I explain what is nbt exploit: it's something like - player is trying to send very big data to server and server is reading that very very long time - then server is lagging and crashing.
e.g default book can has about 50 pages and some characters in it, but hack-client can send 10000 pages and 100000 characters in one page - that will lag and crash server, this plugin prevents it and kicks player, inform administrators in logs - there is no lag or crash (im listening window clicking, block placing and a lot more) - If there is more than X tags in nbt - nbt is recognized as invalid and event is cancelled
- Anti logged from another location (if we can call it exploit)
- Spam packets: register, arm animation etc. more players - arm animation exploit works better, more packets - more lags - i did a time period between sending arm animation packets and some more.
- Invalid packets.. e.g: client position, player can send invalid position packets, e.g too big x coordinates, i'm checking that and much more..
- Payload exploits (like too many register packets, or too big size of channels, too big mc|bedit data etc.)
- Sign exploits (too big lines in sign etc)
- Command exploits like worldedit commands (//calc with arguments etc)
- Hacked items (too small < 1 or too big amount of item, or too big enchantments)
- Hopper creative crasher: yes, there is crasher like that, i'm checking that and removing item - this exploit is very annoying, player places hopper and all players got kicked from the server and they CANNOT JOIN until you will not remove all player data.
- Buffer overflow - something like nbt exploit, you can read more here: https://en.wikipedia.org/wiki/Buffer_overflow
- All plugin functions can be disabled! e.g, you just have to set "block.big-position: false"
- Fix skull and chunk exploits
- Fix armorstand and egg exploits
- Player's ip is blocked from joining on server for 10 minutes if he tries to crash server
- and much more.. (I created this plugin specifically to prevent exploits)
- We have our own logs! If you want to know who was crashing/lagging your server (or doing bot attack) just look in logs file in directory of plugin!
- Blocks worlddownloadermod
- Blocks forge
- Update checker - if there is a new version of casualprotector it will inform you about that!
- some more..
TODO LIST:
- please tell me what can i add! =)
- checking all blocks' inventory (like chest, hopper etc..) and their items
some tags:
Anti Crash anty crash the best anticrash anti-crash anty anti antycrash anty-crash qprotector protector exploit fixer crash fix exploiting spoof bot antibot antybot anti-bot anty-bot ping exploitfixer skull hologram armorstand nbt book written and quill beacon customname tag packet limit captcha block address prevent players crashing server igsaw client plugin bungee spigot spigotmc bukkit sponge Block crash code in chat; Avoid writing crash code to sign; Deletes -Redacted- items in inventory; Avoid using crash code in commands; block crash on you server! anti crash anticrash anticrash anticrash anticrash antycrash anticrash antycrash anti crash anticrash anti crash jigsaw custompayload custom payload client pluginmessage packet pakiet anti logged from another location antilogged anti-logged sign exploit line lines worldedit commands calc solve // while( for(
io.netty.handler.codec.DecoderException: java.lang.IndexOutOfBoundsException: readerIndex(3) + length(49) exceeds writerIndex(17): UnpooledSlicedByteBuf(ridx: 3, widx: 17, cap: 17/17, unwrapped: PooledUnsafeDirectByteBuf(ridx: 18, widx: 18, cap: 18))
InitialHandler - encountered exception io.netty.handler.codec.DecoderException: java.lang.IndexOutOfBoundsException: readerIndex(5) + length(1) exceeds writerIndex(5): UnpooledSlicedByteBuf(ridx: 5, widx: 5, cap: 5/5, unwrapped: PooledUnsafeDirectByteBuf(ridx: 6, widx: 1024, cap: 1024))
![[MiniaturePets Pack] Christmas Candies Pack](/data/resource_icons/18/18724.jpg?1609763484){kind=icon}
![⭐ CasualProtector - The most powerful anticrash and antibot! Optimize fps and tps! [with Aegis]](/data/resource_icons/14/14529.jpg?1577047015){kind=icon}
