> ## Documentation Index
> Fetch the complete documentation index at: https://docs.highmark.it/llms.txt
> Use this file to discover all available pages before exploring further.

# Minecraft Server Security

> Protect your server from griefing, bot attacks, and unauthorized access.

Security is often overlooked until it is too late. Here is how to armor your Minecraft server.

### **1. Exploit Protection (Crash)**

Modified clients can send corrupt packets to crash the server.

* **Use PaperMC or Purpur**: They have built-in security patches that the vanilla server does not have.
* **Do not give OP to anyone**: Not even "as a joke". OP has access to everything. Use a permission plugin like **LuckPerms** to give only necessary commands.

### **2. Auth Protection (For SP/Cracked servers)**

If your server is in `online-mode=false`:

1. Install **AuthMeReloaded** or a similar plugin.
2. Configure protection against mass bot registrations.
3. **IMPORTANT**: Prevent players from using commands before login (configure `allowCommands: false` in AuthMe config).

### **3. Network and Proxy Protection**

If you use BungeeCord or Velocity:

* Make sure to set up a **firewall** (like IPWhitelist or configuring iptables) so that players can connect ONLY via the proxy and not directly to backend servers (Spigot/Paper).
* If you don't do this, hackers can bypass login by entering directly into the backend server with an admin name!
* Configure `bungeecord: true` in `spigot.yml` and enable IP forwarding in the proxy.

### **4. Anti-DDoS**

Minecraft servers are often targets of DDoS attacks.

* **TCPShield** or **NeoProtect**: Proxy services that filter traffic and hide your server's true IP.
* **Cloudflare**: Protect your website and, if possible, use their services for DNS.

### **5. Backup, Backup, Backup!**

No protection is 100% foolproof.

* Install an automatic backup plugin (e.g., **DriveBackupV2**) that saves data to Google Drive or other clouds.
* Make regular backups before every major change.

### **6. Whitelist**

For private servers among friends, the **Whitelist** is the best protection.

* Activate it with `/whitelist on`.
* Add players with `/whitelist add <name>`.
* No one will be able to join if they are not on the list.

<Note>
  Guide created by HighMark - All information and contacts on my [official website: Highmark.it](https://highmark.it)
</Note>
