Tested Minecraft Versions:
What is CasualProtector?
Spoiler: configuration files (.yml)
ANTIBOT SYSTEM:
How does it work? It's simple. I check the redstones in every chunk. If the redstones amount is too big (e.g 50) the plugin just unpower (unactive) the redstones in current chunk. I also limit the clicking in lever, one click is limited to 1.5s. But how much awesome would it be when I wouldn't add some fun things! That's how the /redstones command looks like.
![[IMG]](data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7 "[IMG]")
- 1.7
- 1.8
- 1.9
- 1.10
- 1.11
- 1.12
- 1.13
- 1.14
What is CasualProtector?
- This plugin protects your server from bots (antibot and antivpn systems), exploits (lags, crashes caused by hack-clients, e.g jigsaw or jessica etc.) and optimizes tps, fps, reduce lags! We support a lot of mc versions (1.7.x-1.14.x)
- The only thing what the plugin wants from you is install ProtocolLib(it is required for packet listening)
Spoiler: protocollib version - We protect against bungee exploits! (e.g. www.youtube.com/watch?v=_vNuZux_c4k, pastebin.com/raw/tjP0DPd2) Please read bungee exploits section. (If someone crashes your server (with a lot of bots or something like a ddos/flood) and you get such errors: https://pastebin.com/raw/tjP0DPd2 or similar ones - please use my fixed waterfall from readme.txt file.
- Since 3.9 we check the redstone and limit them! It really optimize server tps and game perfomance! There are redstone exploits that a lot of newest versions doesn't block just because it's more like a bug. Look at redstone checker section
- Blocks bots (a lot of ways to block bots, look at antibot section)
- Blocks exploits, lags, crashes (look at antiexploit section)
- Blocks some flood packets (like ddos/dos - remember that we don't block all ddos/dos attacks! You have to block it in another way like iptables or something else, we only check flood packets)
- Vpn/proxy/bad ip checking (a lot of configurable ways to block it, you can add your own ip checking! You can set the url and result you want to get)
- Block flood attack (MCSpam etc.) - edited proxy and spigot code.
- Reduce/remove redstone exploits (redstone checker section)
- Allow only specified countries to join (e.g poland, china or your country)
- Supports bungeecord! Are you running bungeecord? Put the .jar file to your spigot and bungeecord servers!
- Optimize lags, tps
- Optimize fps - hiding falling blocks like sand and tnt. (really helpful)
- Blocks mods like worlddownloader, labymod, liteloader, forge etc.
- Configurable - The plugin is almost fully configurable! There are configuration files like:config.yml, messages.yml, messagesbunge.yml
Spoiler: configuration files (.yml)
ANTIBOT SYSTEM:
- There is an accounts limit for accounts per ip (configurable) - if player exceed it his connections to server (also his bots) will be cancelled with specified reason.
- Vpn, proxy checking - we send a http request to API's that respond very fast with the result (bot or normal player) - you can disable vpn/proxy detectors in bad-ip-checkers section in config.yml. You can add your own ip checker, it's very easy, just take a look at already existing detectors in the section.
- Checking last player's name length and compare it, if there were too many connections with the same name length - bots will be not able to join
- Compare half of player's name with online players' name, if these are similar - more bots (with similar nicknames) will be not able to join.
- ConnectionThrottle - 1 address can connect to server every 15 seconds (very useful) - obviously you can change the delay. (we recommend to set connection-throttle in spigot config to -1)
- If player name is similar to 3 other players' name he will be not able to join, e.g "1283217juniks_ 812372123juniks_, deathbot122, etc.." - the next bot will be not able to join, and bots will have to change their nicknames.
- If player is using vpn or proxies ip he will be not able to connect to the server (configurable)
- Player has to connect again to server if he is newbie (double-join/re-connect) - deathbots and other bots without double-join will be not able to join. If he is verified he doesn't have to re-connect again.
- Plugin checks first packets from player - if these are recognized as invalid (or are sent too late) - bot is kicked and his ip is blocked for 10 minutes.
- There is a pingchecker! If player's ping is bigger than set and tps are above 19.8 he will be kicked. Often bots have very big ping so they will be kicked from the server.
- Nbt exploit (mainly hacked items like written_book with too many pages etc. (windowclick, blockplace spam etc))
Spoiler: small info about nbt exploit - Packet-Filter checks all Client packets and their InputBuffer#remaining, really useful feature, blocks most of exploits.
- Run commands (e.g in books, executing commands without player permission - adding to plot, paying money etc.)
- Firework exploit (too big Flight size that crashes the server)
- If there are more than XXX tags in nbtCompound - nbt is recognized as invalid and event is cancelled, player is kicked
- Spam packets: register, arm animation etc. if there are more players = arm animation exploit works better, more packets = more lags - i did a time period between sending arm animation packets and some more. (since 1.12 it's useless)
- Invalid packets.. e.g: client position, player can send invalid position packets, e.g too big x,y,z coordinates (or pitch and yaw)
- Payload exploits (like too many register packets, or too big size of channels, too big mc|bedit data etc.)
- Checking last 50 windowclick packets. If they are very similar (and the space between each packet is less than 0.5 sec) player is disconnected. Useful for detecting spam packets.
- Sign exploits (too much lines, characters in sign etc)
- Command exploits like worldedit commands (//calc with arguments etc)
- Hacked items (too big enchantments/over-enchanted items or amount of item)
- Hopper creative crasher (common on creative servers, when hopper is placed noone can join on the server until server administrator will remove the world data)
- Buffer overflow - something like nbt exploit, you can read more here: https://en.wikipedia.org/wiki/Buffer_overflow
- Fix skull (skullexploitpatch code used) and chunk exploits
- Fix armorstand and egg exploits
- Fix duplications like book, sign
- Command exploits (like pex or worldedit)
- Anti logged from another location (if we can call it exploit)
- UUIDSpoof exploit (with cache-system)
- Custompayload (jigsaw and many more)
- Player's ip is blocked from joining on server for 10 minutes if he tries to crash server
- and many more! (This plugin was specifically created to prevent exploits)
How does it work? It's simple. I check the redstones in every chunk. If the redstones amount is too big (e.g 50) the plugin just unpower (unactive) the redstones in current chunk. I also limit the clicking in lever, one click is limited to 1.5s. But how much awesome would it be when I wouldn't add some fun things! That's how the /redstones command looks like.
![[IMG]](/proxy.php?image=https%3A%2F%2Fi.imgur.com%2FkyhpXYC.png&hash=343790009cdd4f6b1d70ae8b0845b9cb "[IMG]")
