[2LS] ExploitFixer - The Ultimate AntiExploit plugin 1.4.9

Secure your server from exploits with this professional AntiExploit system for FREE.

  1. LinsaFTW
    Tested Minecraft Versions:
    • 1.8
    • 1.9
    • 1.10
    • 1.11
    • 1.12
    • 1.13
    • 1.14
    • 1.15
    • 1.16
    Source Code:
    If you own a big Network i encourage funding ExploitFixer by donating to keep alive the plugin development and help small servers have a free and safe protection against exploits.



    This is a free BungeeCord/Spigot plugin that secures your server preventing exploits by checking packets before they are readed by the server.

    To fix BungeeCord netty exploits (OutOfBounds, DecoderException, HTTP packets, etc...) use FlameCord. (BungeeCord with 1.7+ compatibility)


    · Increases your server performance.
    · Spigot and BungeeCord compatibility.
    · Notification and stats system.

    ExploitFixer protects you from the following exploits:

    · CustomPayload packets with big book data used to overload the server and lag it.
    · UUIDSpoof that is used on non-firewalled servers with bungeecord: true by connecting to a Spigot instance and forwarding a invalid UUID/Address.
    · NullAddress its a exploit used to bypass ipwhitelist by forwarding a invalid address and making it return a server error
    · Commands that some plugins have and can crash your server are blocked by ExploitFixer.
    · Items are remade by ExploitFixer to prevent invalid Hacked Creative Items. (Players with creative mode can create any kind of item by sending a packet)
    · Packets that accomplish certain conditions (ex: sending big book data) will be blocked from the server to prevent lagging your network. (ExploitFixer protects you from every packet possible sent by players)
    · Signs created by hacked clients that have extra lines to crash your server.

    Some exploits can't be blocked by only installing BungeeCord version!


    · /exploitfixer help shows the available commands of the plugin.
    · /exploitfixer reload reloads the plugin configuration.
    · /exploitfixer notifications toggles notifications for yourself.
    · /exploitfixer stats shows you some information about the plugin.


    · exploitfixer.admin - Permission to use administration commands.
    · exploitfixer.notifications - Permission to toggle notifications.


    If you're running a BungeeCord Network, install the plugin in BungeeCord and all your Spigot servers.

    Remember to use FlameCord to prevent Netty Exploits. (Please google it because we can't publish external store links)

    This plugin requires HamsterAPI installed in your Spigot servers, BungeeCord doesn't need this API (yet).


    ArkFlame Network is our official test server.
    (Please try not to bother players when testing, thanks!)



    Please feel free to donate to help improve our development team to keep a safe server hosting experience on the community.

    Leave a positive review to help improving the development of the resource, thanks!

Recent Reviews

  1. Ashatoon
    Version: 1.4.9
    I love this plugin, its a great free solution to common exploits. My one problem is that its been adding random enchantments to items such as keys, banknotes, and vouchers. It took me a few weeks to figure out this plugin was to blame. Besides that it works really well, and would 100% recommend adding to your server.
    1. LinsaFTW
      Author's Response
      As i always state; This is how it has to be because of how creative works (Blame mojang); Other solutions for creative items aren't safe, the best way is removing everything from meta. If you don't like your item meta being removed please disable ItemsFix check.

      Creative mode in Minecraft is not made for multiplayer servers. The best solution would be to make a fake Creative (Survival + Fly + Infinite Health + Infinite Blocks).
  2. Skeptic227
    Version: 1.4.9
    I really appreciate the time the developer has put into this plugin while still offering it for free. It performs great and does exactly everything it promises, thank you so much for such an amazing free plugin :)
    1. LinsaFTW
      Author's Response
      Thank you for your positive review :)
  3. Willi
    Version: 1.4.8
    First of all Thanks for supporting the Community with such an powerful AntiCrash for Free. It isn't perfect, but by far the best free one out there. Please keep the Project up!
    1. LinsaFTW
      Author's Response
      Thank you! :)
  4. pepsimax
    Version: 1.4.8
    Hello everyone, I'm using ExploitFixer and some potions turn into a water bubble, how can I disable this feature?
    1. LinsaFTW
      Author's Response
      Hi, potion creation in creative is denied by default because it allows players to create items with custom meta and destroy the server.

      It's the ItemsFix check.
  5. sdfjifdsojjofds
    Version: 1.4.8
    I am from Russia and will use google translate, so there may be errors.

    Exploitfixer is the best plugin for server protection, many thanks to the developer, our community uses it, a lot of people are angry because they don't cut potions because of this plugin, but it's done for protection. Our Russian developers have made a cheat client that can crash minecraft for a player, and if it were not for the exploit fixer, the servers would be bad. Therefore, the developer should not be blamed.
    1. LinsaFTW
      Author's Response
      Thank you for your positive review :)
  6. RamiXDD
    Version: 1.4.8
    El mejor plugin para protejer tu network, si el plugin tendria un permiso para los owners (Los administradores de la network), le daria 1M de estrellas :3 UwU, me podes decir si tiene permisos el plugin????
    o sino, mandame la pagina donde esten los permisos.
    1. LinsaFTW
      Author's Response
      No tiene permisos debido a que no quiero correr riesgos de seguridad. Gracias por la review.
  7. lokka30
    Version: 1.4.8
    So many invalid reviews on this resource, quite sickening considering that this is a free resource which works really well and the developer obviously puts a lot of time into it. I've dealt with my share of ignorant people on this platform doing the same, so I thought I'd leave a nice review:

    Used ExploitFixer for a while and it's always been brilliant. It's proven its use multiple times in deployment on my servers. Updated frequently with patches and sometimes new checks as well. Extensive customisation can be made to both the checks and the messages in the plugin's configuration. It isn't a TPS sink either.

    Security > adding a stupid permission because server owners for some bizarre reason want to give users weird items.

    Thanks a lot!
    1. LinsaFTW
      Author's Response
      Thank you for your positive review! Sadly i think i will implement the permission to bypass ItemsFix check, but i will try to make it disabled by default.
  8. rodrigomarcelos
    Version: 1.4.8
    Se que esto son reviuw pero tu plugin me gusta y te queria preguntar todavía es necesario el HamsterAPI?
    1. LinsaFTW
      Author's Response
      Hola, si es necesario y siempre lo sera. A que viene la pregunta? Puedes pedir soporte en nuestro Discord. Un saludo.
  9. imAverageNoob
    Version: 1.4.7
    This plugin is very good, but it can kick you for Packet Exploit? Can you really exploit anything within Vanilla without any injections or interferences from any softwares, or the code itself?
    1. LinsaFTW
      Author's Response
      This plugin injects itself into the Netty pipeline so yeah. Some new stuff might need some recode of the decode class of Spigot but atm this is a great solution for most of the known exploits.
  10. Concordat
    Version: 1.4.7
    Is it a good idea for a plugin? Yeah, as it can be used to prevent creative users from obtaining impossible items. But the lack of a bypass or override wildcard in the permissions is terrible. We liked the plugin, but removed it after finding out that there isn't an override. Our admins need access to highly enchanted items and potions for development on the server, but this disables those items even for opped players.
    I highly suggest adding a exploitfixer.admin.bypass function, so that server owners and admins can bypass the restriction.
    1. LinsaFTW
      Author's Response
      I don't want to add bypasses because of security concerns. Some people that attacks servers get permissions so they can create crash items and crap the entire server and you will have to either load a backup or start from zero.