Anti Op Abuse

simple plugin that replays all console logs + creative mode interactions to a webhook excluding auth messages, and private messages (/msg), also masks IPs

91

Quick challenge

How far can you run before the mobs catch you?

Anti Op Abuse

AntiOpAbuse ⛔

yo server admins are probably abusing yk so this plugin gives you trust

AntiOpAbuse watches the server console 24/7 and rats out everything to a Discord webhook in real time. *Every* command, ANY item taken from creative inventory. but with safeguards; no join IPs shown, no auth messages shown, no /msg, /team chat shown

No alerts are give to OP, nor can they disable it. catches consoles offguard too.

---

What it does

- 📡 Commands ONLY option in config — every console line gets forwarded to Discord in real time - 🎨 Commands ONLY option in config — logs every item a creative mode player takes, because "I was just looking" is not an excuse - 🤐 Commands ONLY option in config — filters out IPs, DMs, and passwords so no leaking sensitive stuff - ⚡ Commands ONLY option in config — runs completely async, the main thread has no idea this is even happening - 🛡️ Commands ONLY option in config — there is no command to turn it off. No permission node. No secret backdoor. The only way to stop it is to physically remove the jar, which, good luck explaining that one - 🔁 Commands ONLY option in config — it waits, it retries, it doesn't give up - 🔧 Commands ONLY option in config — ye js two. its minimal af. (or i was js not able to find more config options lol) - 🧹 Commands ONLY option in config — tired of reading your whole chat and only wanna see the abuse?, this one fixes that (it does not affect creative menu logging)

---

Works on

| Server | Supported | |--------|-----------| | PaperMC | ✅ | | Spigot | ✅ | | Bukkit | ✅ | | Purpur | ✅ |

- Java: 1.18.x – 1.21.x (guaranteed), prob works on 1.15+ too but js to be safe - Java: 17+ (if you're still on Java 8 please close this tab)

---

Setup

1. grab the jar from download option 2. chunk it in `plugins/` 3. start the server, itll generate the config 4. open `plugins/AntiOpAbuse/config.yml` and paste your webhook URL 5. Run `/antiopabuse reload` 6. now try to abuse haha

---

Config

```yaml

AntiOpAbuse Configuration

─────────────────────────────────────────────────────────────────

webhook-url : Your Discord webhook URL.

Create one under Server Settings → Integrations → Webhooks.

send-as-codeblock : Wrap each log line in a Discord code block for

monospace / easy reading. Set false for plain text.

commands-only : When true, filters out noisy lines like player chat,

join/leave messages, server lag warnings, and plugin spam.

Commands, console output, warnings, errors, and creative

logs still come through. IPs, private messages, and auth

plugin output are always filtered regardless.

─────────────────────────────────────────────────────────────────

webhook-url: "DISCORD_WEBHOOK_HERE" send-as-codeblock: true commands-only: false

```

yep no backdoors or disable options

---

What it looks like in Discord

Console relay: ``` [INFO]: adminabuser issued server command: /op xX_GrieferKing_Xx [INFO]: scaryop issued server command: /give @a diamond 64 [INFO]: katR issued server command: /ban Steve [INFO]: katR is the goat fr ```

Creative inventory logging: ``` [CREATIVE] ezznub took 64x golden_apples [CREATIVE] abuser1 took 1x bedrock [CREATIVE] fullnethin1day took 64x netherite_ingot ``` > caught instantly nubz

---

Commands

| Command | What it does | |---------|-------------| | `/antiopabuse webhook` | Pings Discord and tells you if it's working | | `/antiopabuse reload` | Reloads the config so you don't have to restart | | `/antiopabuse logs` | displays last 50 logs (can be run by all players) | Alias: `/aoa` for when your js lazy

Only OPs can run these. And yea, running them gets logged too.

---

What it won't snitch on

we trynna help players not expose them

- Auth plugin stuff — nobody needs those in Discord - Auth plugin stuff — private messages stay private - Auth plugin stuff — passwords, login attempts, all filtered out

---

ADS