settings: sessions: # Do you want to enable the session feature?

1. settings:
2. sessions:
3. # Do you want to enable the session feature?
4. # If enabled, when a player authenticates successfully,
5. # his IP and his nickname is saved.
6. # The next time the player joins the server, if his IP
7. # is the same as last time and the timeout hasn't
8. # expired, he will not need to authenticate.
9. enabled: false
10. # After how many minutes should a session expire?
11. # Remember that sessions will end only after the timeout, and
12. # if the player's IP has changed but the timeout hasn't expired,
13. # the player will be kicked from the server due to invalid session
14. timeout: 10
15. # Should the session expire if the player tries to log in with
16. # another IP address?
17. sessionExpireOnIpChange: true
18. # Message language, available languages:
19. # https://github.com/AuthMe/AuthMeReloaded/blob/master/docs/translations.md
20. messagesLanguage: 'br'
21. # Log level: INFO, FINE, DEBUG. Use INFO for general messages,
22. # FINE for some additional detailed ones (like password failed),
23. # and DEBUG for debugging
24. logLevel: 'FINE'
25. # By default we schedule async tasks when talking to the database. If you want
26. # typical communication with the database to happen synchronously, set this to false
27. useAsyncTasks: true
28. restrictions:
29. # Can not authenticated players chat?
30. # Keep in mind that this feature also blocks all commands not
31. # listed in the list below.
32. allowChat: false
33. # Hide the chat log from players who are not authenticated?
34. hideChat: false
35. # Allowed commands for unauthenticated players
36. allowCommands:
37. - '/login'
38. - '/register'
39. - '/l'
40. - '/reg'
41. - '/email'
42. - '/captcha'
43. # Max number of allowed registrations per IP
44. # The value 0 means an unlimited number of registrations!
45. maxRegPerIp: 2
46. # Minimum allowed username length
47. minNicknameLength: 5
48. # Maximum allowed username length
49. maxNicknameLength: 16
50. # When this setting is enabled, online players can't be kicked out
51. # due to "Logged in from another Location"
52. # This setting will prevent potential security exploits.
53. ForceSingleSession: true
54. ForceSpawnLocOnJoin:
55. # If enabled, every player that spawn in one of the world listed in
56. # "ForceSpawnLocOnJoin.worlds" will be teleported to the spawnpoint after successful
57. # authentication. The quit location of the player will be overwritten.
58. # This is different from "teleportUnAuthedToSpawn" that teleport player
59. # to the spawnpoint on join.
60. enabled: true
61. # WorldNames where we need to force the spawn location
62. # Case-sensitive!
63. worlds:
64. - 'Spawn'
65. # This option will save the quit location of the players.
66. SaveQuitLocation: false
67. # To activate the restricted user feature you need
68. # to enable this option and configure the AllowedRestrictedUser field.
69. AllowRestrictedUser: false
70. # The restricted user feature will kick players listed below
71. # if they don't match the defined IP address. Names are case-insensitive.
72. # Example:
73. # AllowedRestrictedUser:
74. # - playername;127.0.0.1
75. AllowedRestrictedUser: []
76. # Should unregistered players be kicked immediately?
77. kickNonRegistered: false
78. # Should players be kicked on wrong password?
79. kickOnWrongPassword: false
80. # Should not logged in players be teleported to the spawn?
81. # After the authentication they will be teleported back to
82. # their normal position.
83. teleportUnAuthedToSpawn: true
84. # Can unregistered players walk around?
85. allowMovement: false
86. # Should not authenticated players have speed = 0?
87. # This will reset the fly/walk speed to default value after the login.
88. removeSpeed: true
89. # After how many seconds should players who fail to login or register
90. # be kicked? Set to 0 to disable.
91. timeout: 18
92. # Regex syntax of allowed characters in the player name.
93. allowedNicknameCharacters: '[a-zA-Z0-9_]*'
94. # How far can unregistered players walk?
95. # Set to 0 for unlimited radius
96. allowedMovementRadius: 1
97. # Should we protect the player inventory before logging in? Requires ProtocolLib.
98. ProtectInventoryBeforeLogIn: true
99. # Should we deny the tabcomplete feature before logging in? Requires ProtocolLib.
100. DenyTabCompleteBeforeLogin: true
101. # Should we display all other accounts from a player when he joins?
102. # permission: /authme.admin.accounts
103. displayOtherAccounts: false
104. # Ban ip when the ip is not the ip registered in database
105. banUnsafedIP: false
106. # Spawn priority; values: authme, essentials, multiverse, default
107. spawnPriority: 'essentials'
108. # Maximum Login authorized by IP
109. maxLoginPerIp: 0
110. # Maximum Join authorized by IP
111. maxJoinPerIp: 0
112. # AuthMe will NEVER teleport players if set to true!
113. noTeleport: false
114. # Regex syntax for allowed chars in passwords
115. allowedPasswordCharacters: '[\x21-\x7E]*'
116. # Threshold of the other accounts command, a value less than 2 means disabled.
117. otherAccountsCmdThreshold: 0
118. # Command to run when a user has more accounts than the configured threshold.
119. # Available variables: %playername%, %playerip%
120. otherAccountsCmd: ''
121. GameMode:
122. # Force survival gamemode when player joins?
123. ForceSurvivalMode: true
124. unrestrictions:
125. # Below you can list all account names that AuthMe will ignore
126. # for registration or login. Configure it at your own risk!!
127. # This option adds compatibility with BuildCraft and some other mods.
128. # It is case-insensitive! Example:
129. # UnrestrictedName:
130. # - 'npcPlayer'
131. # - 'npcPlayer2'
132. UnrestrictedName: []
133. security:
134. # Minimum length of password
135. minPasswordLength: 6
136. # Maximum length of password
137. passwordMaxLength: 30
138. # This is a very important option: every time a player joins the server,
139. # if they are registered, AuthMe will switch him to unLoggedInGroup.
140. # This should prevent all major exploits.
141. # You can set up your permission plugin with this special group to have no permissions,
142. # or only permission to chat (or permission to send private messages etc.).
143. # The better way is to set up this group with few permissions, so if a player
144. # tries to exploit an account they can do only what you've defined for the group.
145. # After, a logged in player will be moved to his correct permissions group!
146. # Please note that the group name is case-sensitive, so 'admin' is different from 'Admin'
147. # Otherwise your group will be wiped and the player will join in the default group []!
148. # Example unLoggedinGroup: NotLogged
149. unLoggedinGroup: 'unLoggedinGroup'
150. # Possible values: SHA256, BCRYPT, BCRYPT2Y, PBKDF2, SALTEDSHA512, WHIRLPOOL,
151. # MYBB, IPB3, PHPBB, PHPFUSION, SMF, XENFORO, XAUTH, JOOMLA, WBB3, WBB4, MD5VB,
152. # PBKDF2DJANGO, WORDPRESS, ROYALAUTH, CUSTOM (for developers only). See full list at
153. # https://github.com/AuthMe/AuthMeReloaded/blob/master/docs/hash_algorithms.md
154. passwordHash: 'SHA256'
155. # Salt length for the SALTED2MD5 MD5(MD5(password)+salt)
156. doubleMD5SaltLength: 8
157. # If a password check fails, AuthMe will also try to check with the following hash methods.
158. # Use this setting when you change from one hash method to another.
159. # AuthMe will update the password to the new hash. Example:
160. # legacyHashes:
161. # - 'SHA1'
162. legacyHashes: []
163. # Number of rounds to use if passwordHash is set to PBKDF2. Default is 10000
164. pbkdf2Rounds: 10000
165. # Prevent unsafe passwords from being used; put them in lowercase!
166. # You should always set 'help' as unsafePassword due to possible conflicts.
167. # unsafePasswords:
168. # - '123456'
169. # - 'password'
170. # - 'help'
171. unsafePasswords:
172. - '123456'
173. - 'password'
174. - 'qwerty'
175. - '12345'
176. - '54321'
177. - '123456789'
178. - 'help'
179. registration:
180. # Enable registration on the server?
181. enabled: true
182. # Send every X seconds a message to a player to
183. # remind him that he has to login/register
184. messageInterval: 6
185. # Only registered and logged in players can play.
186. # See restrictions for exceptions
187. force: true
188. # Type of registration: PASSWORD or EMAIL
189. # PASSWORD = account is registered with a password supplied by the user;
190. # EMAIL = password is generated and sent to the email provided by the user.
191. # More info at https://github.com/AuthMe/AuthMeReloaded/wiki/Registration
192. type: 'PASSWORD'
193. # Second argument the /register command should take: NONE = no 2nd argument
194. # CONFIRMATION = must repeat first argument (pass or email)
195. # EMAIL_OPTIONAL = for password register: 2nd argument can be empty or have email address
196. # EMAIL_MANDATORY = for password register: 2nd argument MUST be an email address
197. secondArg: 'CONFIRMATION'
198. # Do we force kick a player after a successful registration?
199. # Do not use with login feature below
200. forceKickAfterRegister: false
201. # Does AuthMe need to enforce a /login after a successful registration?
202. forceLoginAfterRegister: true
203. # Enable to display the welcome message (welcome.txt) after a login
204. # You can use colors in this welcome.txt + some replaced strings:
205. # {PLAYER}: player name, {ONLINE}: display number of online players,
206. # {MAXPLAYERS}: display server slots, {IP}: player ip, {LOGINS}: number of players logged,
207. # {WORLD}: player current world, {SERVER}: server name
208. # {VERSION}: get current bukkit version, {COUNTRY}: player country
209. useWelcomeMessage: false
210. # Broadcast the welcome message to the server or only to the player?
211. # set true for server or false for player
212. broadcastWelcomeMessage: false
213. # Should we delay the join message and display it once the player has logged in?
214. delayJoinMessage: false
215. # The custom join message that will be sent after a successful login,
216. # keep empty to use the original one.
217. # Available variables:
218. # {PLAYERNAME}: the player name (no colors)
219. # {DISPLAYNAME}: the player name (with colors)
220. customJoinMessage: ''
221. # Should we remove the leave messages of unlogged users?
222. removeUnloggedLeaveMessage: true
223. # Should we remove join messages altogether?
224. removeJoinMessage: true
225. # Should we remove leave messages altogether?
226. removeLeaveMessage: true
227. # Do we need to add potion effect Blinding before login/reigster?
228. applyBlindEffect: false
229. # Do we need to prevent people to login with another case?
230. # If Xephi is registered, then Xephi can login, but not XEPHI/xephi/XePhI
231. preventOtherCase: true
232. permission:
233. # Take care with this option; if you want
234. # to use group switching of AuthMe
235. # for unloggedIn players, set this setting to true.
236. # Default is false.
237. EnablePermissionCheck: false
238. Email:
239. # Email SMTP server host
240. mailSMTP: 'mail.czpvp.com.br'
241. # Email SMTP server port
242. mailPort: 465
243. # Email account which sends the mails
244. mailAccount: 'contato@czpvp.com.br'
245. # Email account password
246. mailPassword: '2828czpvp5454'
247. # Email address, fill when mailAccount is not the email address of the account
248. mailAddress: 'contato@czpvp.com.br'
249. # Custom sender name, replacing the mailAccount name in the email
250. mailSenderName: 'CZPVP'
251. # Recovery password length
252. RecoveryPasswordLength: 8
253. # Mail Subject
254. mailSubject: 'Sua senha nova'
255. # Like maxRegPerIP but with email
256. maxRegPerEmail: 1
257. # Recall players to add an email?
258. recallPlayers: true
259. # Delay in minute for the recall scheduler
260. delayRecall: 5
261. # Blacklist these domains for emails
262. emailBlacklisted:
263. - '10minutemail.com'
264. # Whitelist ONLY these domains for emails
265. emailWhitelisted: []
266. # Send the new password drawn in an image?
267. generateImage: false
268. # The OAuth2 token
269. emailOauth2Token: ''
270. Hooks:
271. # Do we need to hook with multiverse for spawn checking?
272. multiverse: false
273. # Do we need to hook with BungeeCord?
274. bungeecord: false
275. # Send player to this BungeeCord server after register/login
276. sendPlayerTo: ''
277. # Do we need to disable Essentials SocialSpy on join?
278. disableSocialSpy: false
279. # Do we need to force /motd Essentials command on join?
280. useEssentialsMotd: false
281. GroupOptions:
282. # Unregistered permission group
283. UnregisteredPlayerGroup: ''
284. # Registered permission group
285. RegisteredPlayerGroup: ''
286. Protection:
287. # Enable some servers protection (country based login, antibot)
288. enableProtection: false
289. # Apply the protection also to registered usernames
290. enableProtectionRegistered: true
291. # Countries allowed to join the server and register. For country codes, see
292. # https://dev.bukkit.org/projects/authme-reloaded/pages/countries-codes
293. # PLEASE USE QUOTES!
294. countries:
295. - 'US'
296. - 'GB'
297. # Countries not allowed to join the server and register
298. # PLEASE USE QUOTES!
299. countriesBlacklist:
300. - 'A1'
301. # Do we need to enable automatic antibot system?
302. enableAntiBot: true
303. # The interval in seconds
304. antiBotInterval: 5
305. # Max number of players allowed to login in the interval
306. # before the AntiBot system is enabled automatically
307. antiBotSensibility: 10
308. # Duration in minutes of the antibot automatic system
309. antiBotDuration: 10
310. # Delay in seconds before the antibot activation
311. antiBotDelay: 60
312. Purge:
313. # If enabled, AuthMe automatically purges old, unused accounts
314. useAutoPurge: false
315. # Number of days after which an account should be purged
316. daysBeforeRemovePlayer: 60
317. # Do we need to remove the player.dat file during purge process?
318. removePlayerDat: false
319. # Do we need to remove the Essentials/userdata/player.yml file during purge process?
320. removeEssentialsFile: false
321. # World where are players.dat stores
322. defaultWorld: 'world'
323. # Remove LimitedCreative/inventories/player.yml, player_creative.yml files during purge?
324. removeLimitedCreativesInventories: false
325. # Do we need to remove the AntiXRayData/PlayerData/player file during purge process?
326. removeAntiXRayFile: false
327. # Do we need to remove permissions?
328. removePermissions: false
329. Security:
330. SQLProblem:
331. # Stop the server if we can't contact the sql database
332. # Take care with this, if you set this to false,
333. # AuthMe will automatically disable and the server won't be protected!
334. stopServer: true
335. console:
336. # Remove passwords from console?
337. removePassword: true
338. # Copy AuthMe log output in a separate file as well?
339. logConsole: true
340. captcha:
341. # Enable captcha when a player uses wrong password too many times
342. useCaptcha: false
343. # Max allowed tries before a captcha is required
344. maxLoginTry: 5
345. # Captcha length
346. captchaLength: 5
347. tempban:
348. # Tempban a user's IP address if they enter the wrong password too many times
349. enableTempban: false
350. # How many times a user can attempt to login before their IP being tempbanned
351. maxLoginTries: 10
352. # The length of time a IP address will be tempbanned in minutes
353. # Default: 480 minutes, or 8 hours
354. tempbanLength: 480
355. # How many minutes before resetting the count for failed logins by IP and username
356. # Default: 480 minutes (8 hours)
357. minutesBeforeCounterReset: 480
358. recoveryCode:
359. # Number of characters a recovery code should have (0 to disable)
360. length: 8
361. # How many hours is a recovery code valid for?
362. validForHours: 4
363. BackupSystem:
364. # Enable or disable automatic backup
365. ActivateBackup: false
366. # Set backup at every start of server
367. OnServerStart: false
368. # Set backup at every stop of server
369. OnServerStop: true
370. # Windows only mysql installation Path
371. MysqlWindowsPath: 'C:\Program Files\MySQL\MySQL Server 5.1\'