MuteBefehl Wiki

AntiVPN

Pre-login VPN / proxy check via an external fraud-check API.

AntiVPN runs an asynchronous AsyncPlayerPreLoginEvent check against a fraud-check API. If the returned risk score reaches your threshold, the connection is rejected before the player even enters the world.

Configuration

Modules:
  AntiVPN:
    Enabled: false
    ApiUrl: "https://your-fraud-check-api/api/fraud-check"
    Token: ""
    RiskScoreThreshold: 50
    BlockProxy: true
    BlockHosting: false
    KickMessage: "&cConnection blocked ..."
    BypassUuids: []
    BypassNames: []
KeyDescription
EnabledMaster toggle.
ApiUrlThe fraud-check endpoint.
TokenShared secret sent as the X-MC-Token header. No per-user API key required.
RiskScoreThresholdRisk score at or above which the connection is rejected (default 50).
BlockProxyReject connections flagged as a proxy.
BlockHostingReject connections flagged as a datacenter / hosting IP.
KickMessageThe kick screen text (see placeholders below).
BypassUuids / BypassNamesPlayers who skip the check entirely.

The kick screen is configured right here under Modules.AntiVPN.KickMessage (not in the messages files) and uses placeholders %REASON%, %SCORE%, %IP%, %DISCORD%.

Per-IP results are cached so repeated logins from the same address don't hammer the endpoint.

Bypassing

There is no bypass permission node. To exempt a player, add their UUID to BypassUuids or their name to BypassNames.

On this page