
PluginGuard
Protect your server by hiding installed plugins from users (and more)
- Загрузки
- 251
- Подписчики
- 2
- Обновлён
- 6 июля 2026 г.
- Лицензия
- source-available
Опубликован 1 ноября 2025 г.
PluginGuard
Stop players from seeing which plugins your server runs.
Type /pl on most servers and you get the full plugin list. That list is a gift to anyone looking for a way in — a known-buggy plugin, an outdated version, a command to abuse. PluginGuard shuts every door players use to find that out, and lets you show them whatever you like instead.
Lightweight, no dependencies, no database. Drop it in and you're protected.
What it protects against
Players have a lot of little tricks for figuring out your setup. PluginGuard blocks all of them:
/plugins,/pl,/ver,/version,/about,/icanhasbukkitbukkit:andminecraft:prefixed commands (e.g./bukkit:plugins)- Namespaced commands like
/essentials:home— the part before the colon is the plugin name - Tab-completion probing (pressing TAB to reveal commands)
- The "unknown command" vs "you don't have permission" difference, which quietly confirms a plugin exists
- The server brand in the server-list ping and in the in-game F3 debug screen
Features
- Choose what players see. Reply to probes with a fake "unknown command", an empty list, a list of convincing decoy plugins, or a "no permission" message — your call.
- Fake plugin list. Make a heavily-modded server look like plain vanilla Paper with a couple of harmless utilities.
- Command blocking. Common plugin commands (
/essentials,/lp,/we,/co,/mv,/dynmap, and more) all just return "Unknown command". - Tab-completion cleanup. Plugin commands never show up in autocomplete.
- Server-brand spoofing. Show
vanilla(or anything you want) both in the server list and in the F3 screen. Most similar plugins only cover the server list — PluginGuard covers both. - Aggressive mode. Optionally hide every plugin command unless a player has explicit permission for it.
- Probe detection & alerts. PluginGuard notices when someone is poking around and alerts your staff in-game. Casual
/helpuse is ignored; a real probing pattern trips it fast. - Honeypot commands. List fake commands no normal player would ever type. One hit and you know exactly who's snooping.
- Staff bypass. Anyone with the bypass permission sees the real server and never trips an alert.
- Instant reload. Change the config and run
/pluginguard reload— no restart.
Compatibility
| Minecraft | 1.21.x and 26.x |
| Java | 21+ (for 1.21.x) / 25+ (for 26.x) |
| Best on | Paper, Purpur, Pufferfish, Folia, Leaf, and other Paper forks |
| Spigot / CraftBukkit | Works fine — only the server-brand spoofing turns off (it needs Paper) |
| Folia | Fully supported |
Two downloads are provided: PluginGuard-<version>.jar for Minecraft 1.21.x, and PluginGuard-<version>-mc26.jar for 26.x. Grab the one that matches your server.
Installation
- Download the jar that matches your Minecraft version and drop it in your
plugins/folder. - Start the server once — this creates
plugins/PluginGuard/config.yml. - Edit the config however you like, then run
/pluginguard reload.
That's it. No external dependencies, no database, no web dashboard.
Configuration example
Every option is explained with inline comments in the generated config.yml. Here's the gist:
# How to respond when someone tries to list your plugins.
hide-mode: "unknown-command"
# Shown when hide-mode is "fake-list".
fake-plugins:
- "ServerCore"
- "WorldManager"
- "CoreProtect"
- "EveryoneChat"
bypass-permission: "pluginguard.bypass"
protected-commands: [pl, plugins, ver, version, "?", help, about, icanhasbukkit]
block-bukkit-commands: true
block-namespaced-commands: true
redirect-bukkit-commands: false
hide-tab-completion: true
block-unknown-commands: true
block-common-plugin-commands: true
hide-server-brand: true
fake-server-brand: "vanilla"
aggressive-mode: false
# Probe logging & detection
logging:
log-to-file: false
log-individual-probes: false
detection:
enabled: true
score-threshold: 5
window-seconds: 60
alert-cooldown-seconds: 300
notify-permission: "pluginguard.alerts"
# Fake commands no real player would type. A single hit fires an alert.
honeypot-commands:
- "staffchat"
- "adminchat"
- "modchat"
- "opme"
Commands & permissions
| Command | What it does | Permission |
|---|---|---|
/pluginguard reload |
Reload the config on the fly | pluginguard.reload (op) |
/pluginguard status |
Show current protection status | pluginguard.reload (op) |
Alias: /pg
| Permission | What it grants | Default |
|---|---|---|
pluginguard.bypass |
See the real plugins and server brand; never tracked | op |
pluginguard.reload |
Reload the configuration | op |
pluginguard.alerts |
Get in-game alerts when someone is probing | op |
Pairs perfectly with AntiDupePro
Running PluginGuard? Take a look at AntiDupePro too — a chain-of-custody item-flow auditor that catches item duplication. It benefits directly from PluginGuard hiding /plugin and friends, so the two make a great team.
- Source & issues: https://github.com/darkstarworks/PluginGuard
- Donate: https://ko-fi.com/darkstarworks
Ченджлог
1.3.0-mc26Релиз26.1.1, 26.1.2, 26.2 · 6 июля 2026 г.
[1.3.0] - 2026-07-07
- New: built-in update checking. PluginGuard now checks Modrinth (with GitHub
Releases as a fallback) for new versions and announces them to admins.
/pluginguard updategivescheck,download(fetches the verified jar, confirms its checksum, and stages it in the server's update folder to install on the next restart),restore(roll back to the previous jar),ignore <version>,unignore <version>, andstatus. Controlled by the newupdatesection in config.yml (mode:off/check-only/notify/download/auto-stage; defaultnotify— nothing is ever downloaded without opting in). Minecraft 26.x servers automatically follow the-mc26build line. Degrades to plain-text notices on Spigot where Adventure is absent.
1.3.0Релиз1.21.9, 1.21.10, 1.21.11 · 6 июля 2026 г.
[1.3.0] - 2026-07-07
- New: built-in update checking. PluginGuard now checks Modrinth (with GitHub
Releases as a fallback) for new versions and announces them to admins.
/pluginguard updategivescheck,download(fetches the verified jar, confirms its checksum, and stages it in the server's update folder to install on the next restart),restore(roll back to the previous jar),ignore <version>,unignore <version>, andstatus. Controlled by the newupdatesection in config.yml (mode:off/check-only/notify/download/auto-stage; defaultnotify— nothing is ever downloaded without opting in). Minecraft 26.x servers automatically follow the-mc26build line. Degrades to plain-text notices on Spigot where Adventure is absent.
1.2.0-mc26Релиз26.1.1, 26.1.2, 26.2 · 2 июля 2026 г.
[1.2.0] - 2026-07-02
- Real Minecraft 26.x support: one codebase now builds two jars, selected with
-Pmc=<line>(mirrors AntiDupePro's release model)../gradlew shadowJar -Pmc=21->PluginGuard-1.2.0.jar(compiled against Paper API 1.21.11, Java 21 bytecode - for 1.21.x servers)../gradlew shadowJar -Pmc=26->PluginGuard-1.2.0-mc26.jar(compiled against Paper API 26.1.2, Java 25 bytecode - for 26.x servers).
- New: in-game server-brand spoofing.
PaperServerListPingEventonly covered the server-list ping; the brand shown in the F3 debug screen (and read by "server brand" client mods) travels separately in theminecraft:brandplugin-message channel, sent during the configuration phase before a player fully joins. PluginGuard now injects a Netty pipeline handler at the server-channel level (TinyProtocol-style, before login) and rewrites that payload tofake-server-brand. Reuses the existinghide-server-brandtoggle. Reflection on plain paper-api, no ProtocolLib/paperweight; fails open (Spigot's remapped internals degrade to ping-only spoofing, as before). - Hardened the command-preprocess parser: it now skips any whitespace between the
slash and the command token before matching (
/ plugins,/<tab>plugins), so a padded command can't slip past the guard on a dispatcher that tolerates it. - New:
block-namespaced-commands(default: on). Blocks every namespaced command (/essentials:home,/luckperms:lp, ...) and strips namespaced entries from tab completion - the namespace before the colon is the plugin's name, so a single namespaced command confirmed a plugin's presence even with its bare alias hidden. Namespaced probes are recorded at high weight (3) by the detector. - Fixed:
block-bukkit-commandsdocumented that it blocksminecraft:-prefixed commands but only ever blockedbukkit:. It now blocks both, as documented. - Fixed:
block-unknown-commandswas read from the config but never enforced. It now works: when a player runs a plugin command they lack permission for, PluginGuard cancels it and answers with the vanilla unknown-command line before the plugin can leak its existence through a "You don't have permission" reply. (Applies to commands that declare a permission; not tracked by the detector, since legitimate players hit permission walls routinely.) - Fixed: probe-detector alert details (recent labels, window age) are now snapshotted inside the tracker lock, closing a small race where a concurrent probe from the same player could skew the alert message.
/pluginguardnow tab-completes its subcommands (reload,status)./versionspoof no longer wraps the fake brand in literal escaped quotes.- Build: Kotlin 2.3.20; plain (non-shaded) jar task disabled - only the shaded jar is ever released.
1.2.0Релиз1.21.9, 1.21.10, 1.21.11 · 2 июля 2026 г.
[1.2.0] - 2026-07-02
- Real Minecraft 26.x support: one codebase now builds two jars, selected with
-Pmc=<line>(mirrors AntiDupePro's release model)../gradlew shadowJar -Pmc=21->PluginGuard-1.2.0.jar(compiled against Paper API 1.21.11, Java 21 bytecode - for 1.21.x servers)../gradlew shadowJar -Pmc=26->PluginGuard-1.2.0-mc26.jar(compiled against Paper API 26.1.2, Java 25 bytecode - for 26.x servers).
- New: in-game server-brand spoofing.
PaperServerListPingEventonly covered the server-list ping; the brand shown in the F3 debug screen (and read by "server brand" client mods) travels separately in theminecraft:brandplugin-message channel, sent during the configuration phase before a player fully joins. PluginGuard now injects a Netty pipeline handler at the server-channel level (TinyProtocol-style, before login) and rewrites that payload tofake-server-brand. Reuses the existinghide-server-brandtoggle. Reflection on plain paper-api, no ProtocolLib/paperweight; fails open (Spigot's remapped internals degrade to ping-only spoofing, as before). - Hardened the command-preprocess parser: it now skips any whitespace between the
slash and the command token before matching (
/ plugins,/<tab>plugins), so a padded command can't slip past the guard on a dispatcher that tolerates it. - New:
block-namespaced-commands(default: on). Blocks every namespaced command (/essentials:home,/luckperms:lp, ...) and strips namespaced entries from tab completion - the namespace before the colon is the plugin's name, so a single namespaced command confirmed a plugin's presence even with its bare alias hidden. Namespaced probes are recorded at high weight (3) by the detector. - Fixed:
block-bukkit-commandsdocumented that it blocksminecraft:-prefixed commands but only ever blockedbukkit:. It now blocks both, as documented. - Fixed:
block-unknown-commandswas read from the config but never enforced. It now works: when a player runs a plugin command they lack permission for, PluginGuard cancels it and answers with the vanilla unknown-command line before the plugin can leak its existence through a "You don't have permission" reply. (Applies to commands that declare a permission; not tracked by the detector, since legitimate players hit permission walls routinely.) - Fixed: probe-detector alert details (recent labels, window age) are now snapshotted inside the tracker lock, closing a small race where a concurrent probe from the same player could skew the alert message.
/pluginguardnow tab-completes its subcommands (reload,status)./versionspoof no longer wraps the fake brand in literal escaped quotes.- Build: Kotlin 2.3.20; plain (non-shaded) jar task disabled - only the shaded jar is ever released.
1.1.0Релиз1.21.9, 1.21.10, 1.21.11 · 1 июня 2026 г.
[1.1.0] - 2026-06-01
- Probe logging and pattern detection. PluginGuard now records when players try
to enumerate the plugin list and can alert online admins when a player crosses
a configurable weighted-score threshold within a sliding window.
- Weighted categories: high (3) for
bukkit:/minecraft:prefixes and/icanhasbukkit; medium (2) for/pl,/plugins,/ver,/version,/about; low (1) for common-plugin enumeration (/lp,/we,/co, ...). /helpand/?are deliberately never tracked.- Optional append-only
plugins/PluginGuard/probes.logaudit trail. - In-game alerts gated by new
pluginguard.alertspermission (default: op). - All I/O dispatched via Paper/Folia's async and global-region schedulers, so the event hot path stays cheap and Folia-safe.
- Per-player state lives in a
ConcurrentHashMapand is cleared on quit.
- Weighted categories: high (3) for
- Honeypot commands. Admins can list fake commands in
honeypot-commands:that no legitimate user would ever type — a single honeypot hit weighs 5, so by default it triggers an alert immediately. /pluginguard statusnow reports detection state, honeypot count, and file-log state.
1.0.0Релиз1.21.9, 1.21.10, 1.21.11 · 31 мая 2026 г.
[1.0.0] - 2026-06-01
- Target Paper API 1.21.4; supports Minecraft 1.21.x (Java 21+) and 26.x.x (Java 25+).
- Folia support declared via
folia-supported: true. - Graceful degradation on Spigot/Bukkit: the Paper-only
PaperServerListPingEventlistener is now registered conditionally via class-presence check, so the plugin loads on non-Paper servers (server-brand spoofing simply becomes a no-op). - All player-facing messages now use the Adventure
ComponentAPI instead of the deprecated legacy color-code strings. /versionspoof now reflects the running server's Minecraft version dynamically instead of a hard-coded1.21.1.- Build: Kotlin 2.1.20, Shadow 8.3.6, jar version is now wired through
plugin.ymlvia${version}. - Thread-safe, lock-free reload: all config-derived state is held in an immutable
Settingssnapshot behind a@Volatilereference, so/pluginguard reloadswaps the whole snapshot atomically and concurrent event handlers on different Folia region threads always observe a consistent set of values without taking any lock. - Hot-path allocation reduced:
PlayerCommandPreprocessEventno longer lowercases the entire message or splits on spaces — only the base command token is sliced out and lowercased. Saves work on every command a player types, proportional to message length. - README rewritten as proper UTF-8 (was UTF-16 with BOM).
0.1Релиз1.21.8, 1.21.9, 1.21.10 · 1 ноября 2025 г.
Release.
Комментарии
Загружаем…