# Aegis# https://www.mc-market.org/resources/13304/# The best protection eve

1. # Aegis
2. # https://www.mc-market.org/resources/13304/
3. # The best protection ever. Protection against powerful bot attacks (fast + slow), nullping crashers (bungee exploits/smashers)
4. # Aegis also contains lots of features from well-known BotFilter by leymooo + we have lots of our own features - and the most important thing: exploit patches
5. help: "Discord: yooniks#0289"
6.  
7. # Do not use '\ n', use %nl%
8. messages:
9. proxy-not-loaded: "&eЗагрузка данных... Пожалуйста подождите"
10. bungeecord-command: "&9Самая мощная защита для вашего Proxy-сервера. /aegis"
11. prefix: "&f[&ci&f]"
12. statistics: "&c&nСтатистика&r&7 -> &cВсего заблокировано: &6{TOTAL-BLOCKED} &7| &cCPS: &6{CPS} &7| &cPPS: &6{PPS} &7| &cCH: &6{CHECKING}"
13. cerberus: "&c&nCerberus&r&7 -> &cВсего отклонённых подключений: &6{TOTAL-BLOCKED} &7| &cCPS: &6{CPS} &a&l{FANCY-CHAR}"
14. checking: "%prefix% Пожалуйста подождите..."
15. checking-captcha: "%prefix% Напишите число с картинки в чат."
16. checking-captcha-wrong: "%prefix% Капча введена неверно, попробуйте снова. "
17. successfully: "%prefix% Проверка пройдена!"
18. kick-many-checks: "%prefix%%nl%%nl%&cПодозрительная активность была замечена с вашего IP адреса%nl%%nl%&6Попробуйте через 10 минут.%nl%&c(Убедитесь, что не используете чит NoFall или AntiKnock)"
19. kick-not-player: "%prefix%%nl%%nl%&cВы не прошли проверку, возможно вы бот или используете читы (nofall или antiknockback)%nl%&7&oЕсли это ошибка, пожалуйста перезайдите."
20. kick-country: "%prefix%%nl%%nl%&cСервер недоступен в вашей стране."
21. kick-big-ping: "%prefix%%nl%%nl%&cУ вас слишком высокий пинг."
22. # Title%nl%Subtitle
23. # Leave blank to stop ( edit: CHECKING_TITLE = "" )
24. # Turning off titles can slightly improve performance.
25. checking-title: "&r%nl%&aПроверка..."
26. checking-title-sus: "&aПроверка пройддена%nl%&aУдачной игры!"
27. checking-title-captcha: " %nl%&rВведите капчу в чат!"
28. bot-behaviour: "%prefix%%nl%%nl%&cYour are acting like a bot, please try again"
29.  
30. # Please ignore it, it is for the developer - yooniks
31. cerberus:
32. # Is cerberus enabled?
33. enabled: false
34. # Ip of server where Cerberus is hosted
35. # It is probably your server vps/dedicated server address.
36. server-ip: "yourCerberusServerIP"
37. # You have to unblock that port with firewall
38. server-udp-port: 54777
39. # You have to unblock that port with firewall
40. server-tcp-port: 54555
41. # How long (max) should we wait for response from Cerberus-Server? After that time, if we did not get response we automatically skip/bypass the connection
42. packet-timeout: 5000
43. connect-timeout: 5000
44. # Cerberus will verify connections only when cps are higher than 10 by default
45. work-only-when-cps-bigger-than: 10
46. threads: 20
47.  
48. # Enable or Disable GeoIp
49. geo-ip:
50. # When verification is working
51. # 0 - Always
52. # 1 - Only during the bot attack
53. # 2 - Never
54. mode: 1
55. # How exactly does GeoIp work
56. # 0 - White list(Only those countries in the list can enter)
57. # 1 - Black list(Only countries that are not in the list can enter)
58. type: 0
59. # Please DO NOT USE THAT if you do not have GEOIP bought, you should use country blocker from anti-vpn configuration that is below.
60. # URL to download GEOIP
61. # Change the link if it does not working.
62. # The filename must end with .mmdb or be packed in .tar.gz
63. geoip-download-url: "http://geolite.maxmind.com/download/geoip/database/GeoLite2-Country.tar.gz"
64. # Allowed country (default: Asean)
65. allowed-countries:
66. - "RU"
67. - "UA"
68. - "BY"
69. - "KZ"
70. - "EE"
71. - "MD"
72. - "KG"
73. - "AZ"
74. - "LT"
75. - "LV"
76. - "GE"
77. - "PL"
78.  
79. # Enable or stop high ping checking
80. ping-check:
81. # When verification is working
82. # 0 - Always
83. # 1 - Only during the bot attack
84. # 2 - Never
85. mode: 1
86. # Maximum allowed ping
87. max-ping: 356
88.  
89. # Setting how protection will work
90. # 0 - Only check with captcha
91. # 1 - Drop check + captcha
92. # 2 - Drop check, if failed, then captcha
93. # I heard that there are some new bots that bypass drop/falling test so i recommend to use 1 on big servers
94. protection:
95. # Should we verify player again when he passed falling test but his ip changed?
96. verify-again-on-ip-change: true
97. # Operation mode when no attack
98. normal: 0
99. # Operation mode during the attack
100. on-attack: 0
101. # Should we listen for MC|Brand plugin message?
102. # Bots very often do not send that thing, normal clients send it always, to check server version
103. # If you set to TRUE -> better protection against very good bypassing bots
104. check-mcbrand: true
105.  
106. aegis-settings:
107. # Put your license key here, to get the license key you have to contact me on discord: yooniks0289 and send proof of payment from paypal
108. license: "9PPZUYlks7HMoPPj"
109. # Do you want pretty clean console? When aegis blocks bots etc. it will not show it in the console if it's set to true.
110. clean-console: true
111. # List of bypass/skipped ips - e.g. your other bungee ip (if you run multi proxies) or your HAProxy.
112. bypass-ips:
113. - "127.0.0.1"
114. - "188.165.218.20"
115. - "46.105.245.75"
116. - "94.130.120.10"
117. # Do you want to allow 1.7 clients to join your server?
118. allow-v1-7-support: false
119. # Matters only when AUTH-SYSTEM is disabled! Otherwise this option is useless.
120. # Should we support online uuids? It will automatically stop falling/drop test (falling verification).
121. # If you do not use our own auth-system and you have plugin that auto-logins premium players like FastLogin or JHPremium then set it to true.
122. online-uuids-support: false
123. # Should we print exceptions from disconnects? Set to false to have cleaner console.
124. print-exceptions: false
125. # Should we print stacktraces of exceptions from disconnects? If you are being disconnected when you join etc. it helps to solve problems thanks to logs file. Set to false for cleaner console.
126. print-stacktraces-from-exceptions: false
127. # Game version? In some clients it is shown right next to the motd/players count. You can set it to your server name like UltraPVP
128. game-version: "Core"
129. # Blocked protocols of versions (If you want e.g to block 1.14.4 players, this option is for you!
130. # Minecraft protocols (versions): https://wiki.vg/Protocol_version_numbers for example: 1.8.8 is 47
131. blocked-protocols: []
132. # Kick message when your version is blocked
133. protocol-blocked: "&cВерсии для входа - 1.8-1.15.2"
134. # Delayed disconnections in auth-system? Can look better
135. delayed-disconnections: false
136. # Do we limit pings per ip?
137. limit-pings-per-ip: true
138. min-length-name: 3
139. max-length-name: 16
140. # Should we limit serverConnector connects? Like 1 connect per second to server (per ip)
141. limit-serverconnector-connects: false
142. # In millis
143. limit-serverconnector-time: 1000
144. ignore-captcha-generation-kick: false
145. # Advanced configuration, you can change min and max lengths of login packets if you have any bugs with current ones
146. login-packets:
147. min-length-first-packet: 3
148. max-length-first-packet: 1035
149. min-length-second-packet: 3
150. max-length-second-packet: 66
151. advanced-checks:
152. # Should we check if string.length() == stringBytes.length? China chars etc. will be blocked
153. check-difference-string-bytes: false
154. encryption-limitter: true
155. handshake-limitter: true
156. # Should we block every new connection when cps are higher than X? Set to -1 to disable.
157. # If you have any issues with AuthSmasher and it is not fixed yet please set it to something like 150 or bigger to block only authsmasher, not bot attacks
158. block-new-connections-when-cps-is-higher-than: -1
159. # Should we limit connections per ip for 3 seconds if BLOCK_NEW_CONNECTIONS_WHEN_CPS_IS_HIGHER_THAN exceed?
160. limit-connections-per-ip-when-attack: true
161. # If LIMIT_CONNECTIONS_PER_IP_WHEN_ATTACK is true, how high is the limit?
162. limit-connections-per-ip-when-attack-limit: 7
163. # Is your server being attacked with AuthSmasher?
164. # Do you have cracked players only? (Like online-mode=false and there is no plugin like FastLogin or JPremium)
165. # If yes - please enable this option, it will surely prevent AuthSmasher, because they use this packet to crash the server while.... packet is useless so we can remove it!
166. remove-encryption: true
167. # Blacklist configuration
168. blacklist:
169. # Should we block addresses/ips if they send invalid packets? (null ping / bungee smasher etc)
170. enabled: true
171. # Blacklist mode!
172. # 0 - IPSet + File + Runtime (blacklist.txt)
173. # 1 - Runtime + File
174. # Default: 1 - Runtime block and file should be enough.
175. blacklist-mode: 1
176. # Configuration of blacklist in file (blacklist.txt)
177. file:
178. # When file is empty (0 blacklisted proxies) should we download proxies from yooniks website to your blacklist.txt?
179. load-from-url-when-file-is-empty: true
180. # Works only when IPSet is installed
181. # Run these commands in root, not bungee!
182. # To install IPSet: apt-get install ipset
183. # After installing IPSet you have to create blacklist list: ipset create -! blacklist hash:ip hashsize 4096
184. # If you do that all the blacklist size will be much faster and bad connections will be blocked much faster which blocks every attack much faster
185. block-with-ipset-when-file-loaded: false
186. commands:
187. # Command that is being executed when we block an address
188. # If you are using Windows (instead of Unix-like system), replace the command with that one:
189. # cmd /c netsh advfirewall firewall add rule name=blacklist dir=in interface=any protocol=TPC localport=25565 action=block remoteip={ip}/32
190. block-command: "ipset -! -A blacklist {ADDRESS}"
191. # A command that we will use to install IPSet on your machine.
192. # apt --yes install ipset <--- APT (e.g. Debian, Ubuntu)
193. # yum -y install ipset <--- YUM (e.g. CentOS, older versions of Fedora)
194. # dnf -assumeyes install ipset <--- DNF (e.g. newer versions of Fedora)
195. install-ipset-command: "apt-get --yes install ipset"
196. # A command that we will use to configure/setup the blacklist with ipset
197. configure-ipset-command: "ipset create -! blacklist hash:ip hashsize 4096"
198. # Should AntiBot block connections with blacklist if we are sure that it is bot?
199. block-when-sure: true
200. # Max captcha failures in 5 minutes, per one ip address
201. # If address exceed this limit it will be blocked
202. # Works only if connections per sec > 2 or pings per second > 10
203. max-captcha-failures: 5
204. # If ip cannot go through ping-shell 10 times, per one ip address
205. # Then it will be blocked with blacklist
206. # Works only when connections per second > 3 or pings per second > 20
207. max-ping-shell-failures: 10
208. # If ip cannot go through name-match more than 1 time, per one ip address
209. # Then it will be blocked with blacklist
210. # Works only when connections per second > 5 or pings per second > 50
211. max-name-match-failures: 1
212.  
213. # AntiVPN settings!
214. # You can configure websites (url), keys for websites etc. in aegis_antibot.yml
215. antivpn:
216. enabled: false
217. title-checking: "&7%nl%&eПроверка..."
218. title-checked: "&aПроверка пройдена%nl%&fУдачной игры!"
219. chat-checking: "&eПроверка..."
220. chat-checked: "&aВы не используете VPN. Проверка успешно пройдена."
221. kick-message: "&cВаш IP адрес заблокирован. Вы используете VPN или Proxy."
222. too-long: "&cСлишком долгая верификация..."
223. # Country checker settings
224. country-checker:
225. # Should we block some countries? Is it feature enabled?
226. # To check the country of player we use website: http://ip-api.com/
227. enabled: false
228. # List of allowed countries (country codes!)
229. allowed-countries:
230. - "RU"
231. - "UA"
232. - "BY"
233. - "KZ"
234. - "EE"
235. - "MD"
236. - "KG"
237. - "AZ"
238. - "LT"
239. - "LV"
240. - "GE"
241. - "PL"
242. # URL of website
243. # You can put your paid key here.
244. # Default limit of requests per minute is 150, if it exceed the limit we allow the player.
245. url: "http://ip-api.com/json/{ADDRESS}"
246. # Limit of requests per minute
247. # If you have any paid key you can change that value to higher one.
248. requests-limit: 150
249.  
250. # Auth system configuration
251. auth:
252. # Is auth system enabled?
253. enabled: false
254. # MySQL configuration
255. mysql:
256. # Server certification?
257. use-ssl: false
258. hostname: "127.0.0.1"
259. port: 3306
260. user: "user"
261. password: "password"
262. database: "database"
263. # Database type: mysql or sqlite
264. type: "sqlite"
265. # Encryption/hash type, bcrypt or sha-256 (bcrypt is much better)
266. encryption: "bcrypt"
267. # Auth messages
268. messages:
269. loading-user-chat: "&6&lAegis: &cLoading your data.."
270. loading-user-title: "&6&lAegis%nl%&cLoading your data.."
271. loaded-user: "&6&lAegis: &cLoaded your data!"
272. premium-message-chat: "&6&lAegis: &cYou are premium user! Moving to the server automatically.."
273. premium-message-title: "&6&lAegis%nl%&cPremium user!"
274. login-message: "&6&lAegis: &cPlease login by using &6/login [password]&c!"
275. register-message: "&6&lAegis: &cPlease register by using &6/register [password] [password]&c!"
276. logged-message: "&6&lAegis: &aYou have been logged-in successfully!"
277. registered-message: "&6&lAegis: &aYour account has been registered successfully!"
278. logged-message-title: "&6&lAegis%nl%&cLogged in!"
279. login-message-title: "&6&lAegis%nl%&cPlease login yourself."
280. register-message-title: "&6&lAegis%nl%&cPlease register your acc."
281. your-data-is-being-loaded: "&6&lAegis: &cYou cannot use this command! Your data is not loaded yet."
282. premium-user-cannot-do-that: "&6&lAegis: &cYou are &6premium user&c, you cannot do that!"
283. passwords-do-not-match: "&6&lAegis: &cPasswords do not match!"
284. kick-message-too-long: "&6&lAegis%nl%&cYou have to log-in in 30 seconds!"
285. premium-need-relogin: "&6&lAegis%nl%&cYou are &6PREMIUM &cuser! &cPlease re-login to finish verification!"
286. wrong-name: "&6&lAegis%nl%&cYou should join with nickname &6{OLD-NAME}&c!"
287. changepassword-same-pass: "&6&lAe&e&lgis&8: &cCurrent and new password are the same!"
288. changepassword-usage: "&6&lAe&e&lgis&8: &cCorrect usage: &6/changepassword [current password] [new password]"
289. changepassword-error-premium: "&6&lAe&e&lgis&8: &cYou are premium user! You cannot change your password because it doesn't exist."
290. changepassword-wrong-pass: "&6&lAe&e&lgis&8: &cTyped password is incorrect!"
291. changepassword-success: "&6&lAe&e&lgis&8: &cYou have changed your &6password&c!"
292. changepassword-not-logged: "&6&lAe&e&lgis&8: &cYou are not logged!"
293. # If you want every player to /register and /login, even if they are premium players and you don't want them to be auto-logged just set it to false.
294. allow-premium-users: true
295. # Should we ask user if he is seriously premium user? Maybe it's cracked player with cracked launcher that just uses premium nickname? Then he will not be able to join with cracked launcher when he use premium nickname. If you want to allow these cracked people to use premium nicknames and ask them if they are premium then just set it to true.
296. ask-users-if-premium-when-premium: true
297. ask-user-when-premium-chat: "&6&lAe&e&lgis&8: &c--> &6Are you premium user? &cWe detected that your nickname is premium name, if you are using premium launcher please type &6YES&c on the chat, if you are cracked (non-premium) user - type &6NO&c on chat."
298. ask-user-when-premium-title: "&cAre you &6premium user&c?%nl%&cType &a&lYES &cor &c&lNO &con chat."
299. # What the asked player has to write on chat to agree that he is premium user?
300. ask-user-if-premium-yes-answer: "yes"
301. # YES answer of premium user in other languages like German and Polish
302. # In lowerCase (small letters)! So please do not write e.g JA here, just ja!
303. ask-user-if-premium-yes-answer-aliases:
304. - "ja"
305. - "tak"
306. # What the asked player has to write on chat to agree that he is cracked/non-premium user?
307. ask-user-if-premium-no-answer: "no"
308. # NO answer of premium user in other languages like German and Polish
309. # In lowerCase (small letters)! So please do not write e.g NEIN here, just nein!
310. ask-user-if-premium-no-answer-aliases:
311. - "nein"
312. - "nie"
313.  
314. # Database Setup
315. sql:
316. # Database type. sqlite or mysql
317. storage-type: "sqlite"
318. # After how many days to remove players from the database, which have been tested and no longer entered. 0 or less to stop
319. purge-time: 14
320. # Settings for mysql
321. hostname: "localhost"
322. port: 3306
323. user: "user"
324. password: "password"
325. database: "database"
326. # How many players / bots should go in 1 minute for protection to be activated
327. # Recommended options when there is no advertising:
328. # Up to 150 online - 25, up to 250 - 30, up to 350 - 35, up to 550 - 40.45, above - adjust to yourself
329. # It is recommended to increase these values ​​during an advertisement or when a current is flowing.
330. protection-threshold: 28
331. # How long is automatic protection active? In milliseconds. 1 second = 1000
332. protection-time: 120000
333. # Check whether the bot on entering the server during a bot attack, regardless of whether the check passed or not
334. force-check-on-attack: true
335. # Show online with filter (will show players that are being verified in motd), we do not want to show bots in players count so it is disabled by default
336. show-online: false
337. # How much time does the player have to go through the defense. In milliseconds. 1 second = 1000
338. time-out: 12700
339. # Enable / Disable compatibility with old plugins that use ScoreBoard on a bungee?
340. # Set to false if there are problems with new plugins.
341. fix-scoreboards: true
342. # Fix for: 'Team 'xxx' already exist in this scoreboard'
343. fix-scoreboard-teams: true