Anti-VPN 2.0.4

Get the best; save money on overpriced plugins and block VPN users!

  1. egg82
    Tested Minecraft Versions:
    • 1.8
    • 1.9
    • 1.10
    • 1.11
    • 1.12
    Source Code:

    Looking for the Bungee version?
    Find it here!

    Single / Personal servers
    Simply drop the jar into your "plugins" folder. The auto-generated config should default to reasonable values for you, but you may modify it if you wish.

    Multiple servers / Large networks
    Drop the jar into the plugins folder and configure the "sql" section to use MySQL instead of SQLite. RabbitMQ and/or Redis are optional but highly recommended if you have multiple servers.

    Code (Text):
    # This is the backing data for everything
    # SQL is used as long-term storage and cross-network updates every few seconds
    # Try to use an SQL source each server has access to, if possible
    # You may choose to use MySQL or SQLite
    # An SQL database of SOME description is required
      # The type of database to use. May be either MySQL or SQLite
      type: 'sqlite'
      # Number of connections to use. Cannot be lower than 1
      # Recommended 2+ for parallel queries for non-Redis servers
      # If using Redis, set this to 2+ on hubs and 1 on servers
      threads: 2
        address: ''
        port: 3306
        user: ''
        pass: ''
        database: 'avpn'
        file: 'avpn.db'

    # Redis is used as a cache so lookups can be VERY fast
    # This is used in both the expensive and non-expensive lookups
    # It also provides the ability to push instant updates across the network
    # Redis is entirely optional
      enabled: false
      address: ''
      port: 6379
      pass: ''

    # Rabbit is used to push instant updates across the network
    # If you don't have/use Redis you can use this to update faster than SQL
    # Even if you use Redis, this can be used as a backup source
    # Rabbit is entirely optional
      enabled: false
      address: ''
      port: 5672
      user: 'guest'
      pass: 'guest'

    # Where VPN-checking sources are defined
    # Beware the more sources that are included (and fail) the worse the performance and the more the lag
      # The amount of time to globally cache results across all sources
      # This should be as high as possible to avoid rate-limits but as low as possible to ensure results are always up-to-date and accurate
      cacheTime: 6hours
      # The order to try results in
      order: 'getipintel,proxycheck,iphub,vpnblocker,ipdetector,shodan'
      # Detected Nord VPN and Cryptostorm Jul 10, 2018
        enabled: true
        # Contact e-mail in case things go wrong. Required
        contact: '[email protected]'
        # Threshold above which an IP is considered "bad"
        threshold: 0.98
      # Detected Nord VPN and Cryptostorm Jul 10, 2018
        enabled: true
        # Optional API key to use
        key: ''
      # Detected Nord VPN and Cryptostorm Jul 10, 2018
        enabled: false
        # API key to use (Required for this service, free one available at )
        key: ''
        # The block type at which an IP is considered "bad"
        block: 1
      # Detected Nord VPN, did not detect Cryptostorm Jul 10, 2018
        enabled: true
        # Optional API key to use
        key: ''
      # Detected Nord VPN, did not detect Cryptostorm Jul 10, 2018
        enabled: true
        # Optional API key to use
        key: 'free'
      # WARNING: This service utilizes EXTREMELY primitive checks and can return incorrect results
        enabled: false
        # API key to use (Required for this service)
        key: ''

    # The amount of time before in-memory caches expire after non-use
    # This prevents many sequential lookups from using more expensive networking constantly
    cacheTime: 1minute
    # The message to kick VPN users with
    kickMessage: '&cPlease disconnect from your proxy or VPN before re-joining!'
    # When true, logs some extra output to the console so you can see if/why things might be failing
    debug: false
    # When true, checks are done off the main server thread
    # You may want to set this to false in cases where you want to be absolutely sure you kick VPN users immediately
    # In most cases, this should be set to true because using the main thread can cause a lag spike when a player logs in
    async: true
    # When true, will kick players found to be using VPNs
    # Disable this is you intend to use your own kicking/tagging systems using the API
    kick: true
    /avpnreload - Reloads the plugin configuration. This will disconnect and reconnect (if appropriate) any services configured in the config.yml file.

    avpn.admin - allows access to the /avpnreload command
    avpn.bypass - players with this node bypass the filter entirely

    According to the GDPR, you must specify that you are storing IP information to your players in a privacy policy when using this plugin (actually you need that if you're running a vanilla server without this plugin because of server logs). Depending on how data provided from this API is used, you may be required to manually remove some data from the databases.
    Disclaimer: I am a plugin developer, not a lawyer. This information is provided as a "best guess" and is not legal advice.

    Code (Text):
    Latest Repo

    API usage
    Code (Text):
    boolean isVPN(String ip);
    Example - detect if a player is using a VPN (this example is redundant as the plugin does this already)
    Code (Text):
    VPNAPI api = VPNAPI.getInstance();
    if (api.isVPN(playerIp)) {
        // Kick the player
    hou19960228 likes this.

Recent Reviews

  1. Big_SmO_oke
    Version: 1.0.2
    Good plugin, but it cannot be just installed on the BungeeCord, instead of installing this plugin on all servers and configure all on the same database? And it is having a rate limit? It prevent from proxies?
    1. egg82
      Author's Response
      Thanks for the review! I'll likely make a BungeeCord-specific version in the future, though for larger networks with multiple bungees they'll still want a shared database and/or Redis/Rabbit.

      The plugin itself uses the APIs configured in the config.yml file. The file allows you to specify what services to use and in what order, along with any API keys you may have for each service. The quality of such services is widely debated so I decided to offer choice.

      If you don't like a particular service or prefer one over another you can configure the plugin to use those particular services and prioritize them. The default setup, I've personally found, works well enough; however no service is 100% foolproof.
  2. Tlsslurp
    Version: 1.0.0
    I am the developer of an anti-bot skript. I must say I love your resources look and functionality, and the customability. This is much better then most paid anti-VPNs. If you're looking to just block VPNs I high recommend this.
    1. egg82
      Author's Response
      Thanks for the review! The new version gives an option to automatically kick a VPN user so you can even write your own implementations using the API now.