AntiVPN
Pre-login VPN / proxy check via an external fraud-check API.
AntiVPN runs an asynchronous AsyncPlayerPreLoginEvent check against a fraud-check API. If the returned risk score reaches your threshold, the connection is rejected before the player even enters the world.
Configuration
| Key | Description |
|---|---|
Enabled | Master toggle. |
ApiUrl | The fraud-check endpoint. |
Token | Shared secret sent as the X-MC-Token header. No per-user API key required. |
RiskScoreThreshold | Risk score at or above which the connection is rejected (default 50). |
BlockProxy | Reject connections flagged as a proxy. |
BlockHosting | Reject connections flagged as a datacenter / hosting IP. |
KickMessage | The kick screen text (see placeholders below). |
BypassUuids / BypassNames | Players who skip the check entirely. |
The kick screen is configured right here under Modules.AntiVPN.KickMessage (not in the messages files) and uses placeholders %REASON%, %SCORE%, %IP%, %DISCORD%.
Per-IP results are cached so repeated logins from the same address don't hammer the endpoint.
Bypassing
There is no bypass permission node. To exempt a player, add their UUID to BypassUuids or their name to BypassNames.