Secure OP 1.16.5

Password protect your server's op command!

  1. JavaSE
    Native Minecraft Version:
    Tested Minecraft Versions:
    • 1.8
    • 1.9
    • 1.10
    • 1.11
    • 1.12
    • 1.13
    • 1.14
    • 1.15
    • 1.16
    Source Code:
    Secure your servers OP command!
    The current version works in 1.3+, and the previous version was written for older versions. You can download either from the version history*/

    Source code is on GitHub!

    How it works;

    In normal spigot all you have to do to OP someone is type /OP (playername) and that’s it, the player has operator status and can do whatever they want. What does this plugin do to help stop that? Well it makes it so that when you attempt to OP someone you are prompted with a password, /OP (player name) (password) . The password can be changed in the config. file, also you can set it in the config. file to ban players who use the wrong password, and you can even set it to kick players that don’t have permission but still try to use the command.

    Why do you need this?

    One day I was on my server and one of the staff members asked to be oped to help me fix something, so I OPed him and we were working on it and I had to go, he said he would finish it and so I said ok and thanked him for his help. The next morning when I got on he had OPed one of his friends and they were having a lucky block battle with my lucky blocks plugin... Let's just say his friend wasn't honest and took some items from creative while he was at it (64x diamond blocks... RIP economy). If I would have installed this plugin sooner, it wouldn't have been a problem because he wouldn't have been able to OP him and he could have finished fixing the glitch we found.

    You can kick players who you the /op command without permission/ correct password: (configurable)

    When you type /op, you now get this message: upload_2016-6-23_14-36-8.png

    When you op someone, it will send a message to the chat: (configurable)
    Works for deop too!

    This plugin now uses SHA-256 encryption to store passwords. Before you set the password using the setOpPassword command, your server will have no OP password. Please set this password!
    The latest update added a custom 4J log filter to prevent the logging of any command that could contain the plain text version of your password.
    If you forget your password, you can reset it by deleting the password.txt file in the SecureOP plugin folder.

    Commands and permissions:

    /OP (player) (password) – permission, SecureOp.op
    /DEOP (player) (password) – permission, SecureOp.deop
    /SetOpPassword (current password) (New password) - Permission, SecureOP.setPassword

    Code (Text):
    #OP password is now stored in the password.txt file.
    #Kick people without permission to use /op?
    KickWithoutPerms: true
    #Ban people who use incorrect passwords?
    BanOnBadPassword: true
    #This command will run whenever someone uses the wrong password (Set to '' to disable)
    BadCommand: 'adminchat Someone is using /op!'
    #Broadcast a message when a player is OPed?
    BroadcastOP: true
    #Allow offline players to be opped?
    OPofflinePlayers: true
    DEOPofflinePlayers: true
    #Block /bukkit:op? (blocks all commands that include :op) WARNING! SETTING THIS TO FALSE CREATES A SERVER SECURITY PROBLEM
    BlockBukkit: true
    #Message online admins when a player tries to uses command /op? (Permission Secureop.receive )
    MessageAdmins: true
    #Messages. Use %player% for the target player, and %sender% for the command sender. %command% for /op or /deop
    OpMsg: '&bPlayer &5%player% &bhas been OPed by &5%sender%'
    DeopMsg: '&bPlayer &5%player% &bhas been deOPed by &5%sender%'
    BadPassword: '&4Authentication failed.'
    AdminMessageNoPerm: '&4Player %sender% tried to use /%command%!'
    AdminMessageBadPass: '&4Admin %sender% tried to %command% %player%'
    ErrorNoPerms: '&cError, you cannot use that command because it can damage the server!'
    KickMessage: '&4You do not have permission to change the operator status of other players'
    #This will intercept commands before they hit the command processor.
    #Should prevent other command spy plugins from seeing this command
    interceptOPcmd: true

    Code (Text):
        default: op
        default: op
        default: op
        default: op


    1. SecureOP.jpg
    2. upload_2016-6-23_14-36-37.png
    TonKungZababa and ANDREI923 like this.

Recent Updates

  1. Added SHA-256 encryption
  2. Bug fixes
  3. Added support for /deop

Recent Reviews

  1. PavlosSk
    Version: 1.16.5
    The best plugin 5 stars everyone i say download it and check it out its working perfect
  2. xiaozhangup
    Version: 1.5.1
    This plug-in enhances the security of my server. Thank you very much. Can I move him to the forum in China? I'll mark the original author.
    1. JavaSE
      Author's Response
      Glad you like the plugin. Feel free to post it on mcbbs, just link my Github as the source code. I want as many people as possible to be able to use this plugin.
  3. Turboline
    Version: 1.5
    A very good plugin. I only miss one thing ...
    Would it also be possible to prevent the "/ deop" command?
    I think that would be a good addition to the plugin.
    1. JavaSE
      Author's Response
      Great idea! I added it to the latest version. Thank you for the review.
  4. TheMoMojanster
    Version: 1.5
    it is amazing, and its also great for password protecting a servers op command too, though I think thats not the main goal of it, im pretty sure the main goal is to ban the owner on accident, which is cooler than the other one
    1. JavaSE
      Author's Response
      Haha. Glad you are enjoying it. Thanks for the review!
  5. dinoboss2001
    Version: 1.5
    si que se fue un largo tiempo xdddddddddddddddddddddddddddddd un saludo grax por la update era hora xddd
  6. tofonek
    Version: 1.11
    its good plugin but add please to config tempban and how many long and add config text: Error! please use the command like this: /op (player) (password)
  7. Redst0ned
    Version: 1.11
    Would be better with /deop support and possibly the ability to change password with an in game command
  8. Djmadzik
    Version: 1.11
    thx a lot for create this plugin, it resolve a lot a problem for my server,
    continue your good work, i hope see your next plugin how it will be awsome ^^
  9. Orim0
    Version: 1.11
    Good, but i can /minecraft:op .
    1. JavaSE
      Author's Response
      Thank you for the review, I was assuming most servers blocked that command by default. However, I can add that to a future update.
  10. texxxxxx
    Version: 1.10.2
    To begin the plugin works fine. It does what it supposed to which is great. Whenever I op someone doing /op Texxxxxx password, it says "Error! Please use the command like this: /op (player) (password). Then when I do /deop (tab), it shows the player that I just tried to op being op. In other words, when I correctly op someone, the error message shows anyway.
    1. JavaSE
      Author's Response
      I will look into this, thank you for the review.