Anti-VPN | Get the best; save money on overpriced plugins and block VPN users!


Looking for the Bukkit/Paper version? Find it here!
Looking for the Bungee/Waterfall version? Find it here!


The first time Anti-VPN is run it will take some time to start up. this is normal, and will very rarely (if ever) take that long again.

Download: Jenkins

Wiki
Installation instructions can be found on the wiki here. It it highly recommended to read the wiki.


Confused? Check the wiki!

# How the plugin stores long-term data
storage:
  # The storage method
  #
  # Options:
  # - MySQL (remote)
  # - SQLite (local)
  method: 'sqlite'

  data:
    # Address and port of the remote database (if applicable)
    address: '127.0.0.1:3306'
    # The name of the database Anti-VPN will store data in
    # If you're using remote options, this must be created beforehand
    database: 'avpn'
    # Table prefix for all Anti-VPN tables
    prefix: 'antivpn_'
    # Database credentials (if applicable)
    username: ''
    password: ''
    # Whether or not to use SSL
    ssl: false

    # MongoDB options- obviously don't need to worry about these if not using MongoDB ;)
    mongodb:
      # Connection prefix for all Anti-VPN connections
      collection-prefix: ''
      # MongoDB ClientConnectionURI
      connection-uri: ''

  settings:
    # The maximum size of the database connection pool
    # Determines the max number of connections to the database
    max-pool-size: 2
    # The minimum size of the satabase connection pool
    # Determines the min number of connections kept alive to the database
    min-idle: 2
    # The maximum lifetime of a connection in the pool
    # Should be at least 30 seconds less than any database or infrastructure-imposed connection time limit
    max-lifetime: 1800000 # 30 minutes
    # The maximum number of milliseconds that the plugin will wait for a new connection from the pool before timing out
    timeout: 5000 # 5 seconds

    # Extra connection properties
    properties:
      unicode: true
      encoding: 'utf8'

# Redis is a very fast cache accessible by multiple servers
# If you don't want to constantly hit your database for queries, try enabling and configuring this
# You will need to install the (external) Redis server software if you haven't already
# https://redis.io/
redis:
  enabled: false
  # Address and port of the remote Redis server
  address: '127.0.0.1:6379'
  # Redis credentials
  password: ''

# RabbitMQ is a messaging queue that will allow the plugin to push instant updates across multiple servers
# You will need to install the (external) RabbitMQ server software if you haven't already
# https://www.rabbitmq.com/
rabbitmq:
  enabled: false
  # Address and port of the remote RabbitMQ server
  address: '127.0.0.1:5672'
  # RabbitMQ credentials
  username: 'guest'
  password: 'guest'

# Where VPN-checking sources are defined
# Beware the more sources that are included (and fail) the worse the performance and the more the lag
sources:
  # The amount of time to globally cache results across all sources
  # This should be as high as possible to avoid rate-limits but as low as possible to ensure results are always up-to-date and accurate
  cacheTime: '6hours'

  # The order to try results in
  order:
  - 'iphub'
  - 'proxycheck'
  - 'iphunter'
  - 'getipintel'
  - 'ipqualityscore'
  - 'vpnblocker'
  - 'ip2proxy'
  - 'teoh'
  - 'shodan'
  - 'ipwarner'

  # https://iphub.info/
  # Results updated Jul 7, 2019
  # Error rate: 0%
  # NordVPN detection rate: 85.71%
  # Cryptostorm detection rate: 100%
  # False-flagged homes: 0%
  iphub:
    enabled: false
    # API key to use (Required for this service, free one available at https://iphub.info/apiKey/newFree )
    key: ''
    # The block type at which an IP is considered "bad"
    block: 1

  # https://proxycheck.io
  # Results updated Jul 7, 2019
  # Error rate: 0%
  # NordVPN detection rate: 80.95%
  # Cryptostorm detection rate: 100%
  # False-flagged homes: 0%
  proxycheck:
    enabled: true
    # Optional API key to use
    key: ''

  # https://www.iphunter.info/
  # Results updated Jul 7, 2019
  # Error rate: 0%
  # NordVPN detection rate: 95.24%
  # Cryptostorm detection rate: 90%
  # False-flagged homes: 40%
  iphunter:
    enabled: false
    # API key to use (Required for this service, free one available at https://www.iphunter.info/user/register )
    key: ''
    # The block type at which an IP is considered "bad"
    block: 1

  # https://www.getipintel.net/
  # Results updated Sep 6, 2018
  # Error rate: 5%
  # NordVPN detection rate: 90.48%
  # Cryptostorm detection rate: 100%
  # False-flagged homes: 40%
  getipintel:
    enabled: true
    # Contact e-mail in case things go wrong. Required
    contact: '[email protected]'
    # Threshold above which an IP is considered "bad"
    threshold: 0.98

  # https://www.ipqualityscore.com/
  # Results updated Jul 7, 2019
  # Error rate: 0%
  # NordVPN detection rate: 90.48%
  # Cryptostorm detection rate: 90%
  # False-flagged homes: 40%
  ipqualityscore:
    enabled: false
    # API key to use (Required for this service, free one available at https://www.ipqualityscore.com/create-account )
    key: ''
    # Threshold above which an IP is considered "bad"
    threshold: 0.65

  # https://vpnblocker.net/usage
  # Results updated Jul 7, 2019
  # Error rate: 0%
  # NordVPN detection rate: 66.67%
  # Cryptostorm detection rate: 95%
  # False-flagged homes: 10%
  vpnblocker:
    enabled: true
    # Optional API key to use
    key: ''

  # https://www.ip2location.com/web-service/ip2proxy
  # Results updated Jul 18, 2019
  # Error rate: 0%
  # NordVPN detection rate: 100%
  # Cryptostorm detection rate: 60%
  # False-flagged homes: 0%
  ip2proxy:
    enabled: true
    # API key to use (Required for this service, free one available using 'demo' or at https://www.ip2location.com/register?id=1006 )
    key: 'demo'

  # https://ip.teoh.io/vpn-detection
  # Results updated Jul 7, 2019
  # Error rate: 10%
  # NordVPN detection rate: 61.90%
  # Cryptostorm detection rate: 100%
  # False-flagged homes: 0%
  teoh:
    enabled: true

  # https://www.shodan.io/
  # Results updated Jul 7, 2019
  # Error rate: 94.52%
  # NordVPN detection rate: 95.24%
  # Cryptostorm detection rate: 60%
  # False-flagged homes: 0%
  shodan:
    enabled: false
    # API key to use (Required for this service)
    key: ''

  # https://ipwarner.com/
  ipwarner:
    enabled: false
    # API key to use (Required for this service, free one available at https://ipwarner.com/register )
    key: ''

action:
  # The kick message to display to players who are using VPNs
  # If left blank, will not kick the player
  kick-message: '&cPlease disconnect from your proxy or VPN before re-joining!'
  # The command that CONSOLE will run for players who are using VPNs
  # Use %player% as a placeholder for the player's (real) name
  # Use %uuid% as a placeholder for the player's uuid
  # If left blank, will not run anything
  command: ''

  algorithm:
    # The algorithm method
    #
    # Options:
    # - Cascade
    #   The plugin will go down the "sources" list, sequentially, until a valid source is found
    #   It will then query that source and return the result
    #   This will result in essentially "the first valid result" being returned
    # - Consensus
    #   The plugin will try every source in the "sources" list at once
    #   It will then strip invalid results, and calculate the ratio of results from the remaining sources
    #   This will result in essentially "the ratio of valid results" being returned
    method: 'cascade'

    # Only used for "consensus" mode
    # The minimum ratio of APIs that must agree before a player is kicked
    # For example, if set to "0.6" then at least 60% of sources must agree that the IP is a VPN
    # The value can range from 0 to 1, and will be clipped at those values
    min-consensus: 0.6

  # IPs to ignore when checking for VPNs
  ignore:
  - '127.0.0.1'
  - 'localhost'
  - '::1'

# The amount of time to cache lookups in-memory
# Higher values require more memory
# Lower values will hit Redis/SQL/APIs more frequently
# Generally the default is good enough to prevent many sequential lookups from choking resources, but still keep memory usage low
cacheTime: '1minute'
# When true, logs some extra output to the console so you can see if/why things might be failing
debug: false
# The number of threads to use for web operations
threads: 4

stats:
  # Whether or not to send anonymous usage statistics to bStats
  # True: Send anonymous stats; let the author know how well the plugin is doing and how it's used!
  # False: Do not send stats and make the author sad :(
  usage: true
  # Whether or not to send anonymous errors to the author
  # True: Send errors anonymously to Rollbar and/or GameAnalytics so the author can fix them!
  # False: Do not send errors and wonder why any bugs you encounter haven't beeen fixed
  errors: true

update:
  # Whether or not to automatically check for updates and notify the console if found
  check: true
  # Whether or not to notify players with the avpn.admin permission node
  notify: true

# Config version, no touchy plz
version: 3.9


/avpn reload - Reloads the plugin configuration. This will disconnect and reconnect (if appropriate) any services configured in the config.yml file.
/avpn test - Test an IP through the various (enabled) services. Note that this forces a check so will use credits every time it’s run.
/avpn check - Check an IP using the default system. This will return exactly the same value as any other API call.
/avpn score - Scores a particular source based on a pre-made list of known good and bad IPs. Note that this forces a check so will use credits every time it’s run.


avpn.admin - allows access to the /avpn reload, /avpn test, /avpn check, and /avpn score commands
avpn.bypass - players with this node bypass the filter entirely


Please consider donating to support this free plugin!
PP_logo_h_150x38


According to the GDPR, you must specify that you are storing IP information to your players in a privacy policy when using this plugin (actually you need that if you’re running a vanilla server without this plugin because of server logs). Depending on how data provided from this API is used, you may be required to manually remove some data from the databases.
Disclaimer: I am a plugin developer, not a lawyer. This information is provided as a “best guess” and is not legal advice.


API documentation can be found on the wiki here.

Services that didn’t make the cut

stopforumspam
Error rate: 0%
NordVPN detection rate: 38.1%
Cryptostorm detection rate: 10%
False-flagged homes: 0%

[10:43:53 ERROR] [me.egg82.antivpn.VelocityBootstrap]: me.egg82.antivpn.AntiVPN.(java.lang.Object, com.velocitypowered.api.proxy.ProxyServer, com.velocitypowered.api.plugin.PluginDescription)

[10:43:53 ERROR]: Can’t create plugin antivpn

com.google.inject.ProvisionException: Unable to provision, see the following errors:

  1. Error injecting constructor, java.lang.RuntimeException: Could not create main class.
    at me.egg82.antivpn.VelocityBootstrap.(VelocityBootstrap.java:57)
    while locating me.egg82.antivpn.VelocityBootstrap

Velocity can’t currently create the main class. Becuase of this it wont start up

Going to take a wild guess and assume it’s related to this issue: https://github.com/aikar/commands/pull/216

I wanted to get that PR merged in time for Velocity’s release but sadly it never happened :frowning:

The good news is I’ve already built a version from that branch that works. You can find the download here - just put that in the AntiVPN/external directory and replace the existing file.

Otherwise, help me poke Aikar to merge the fix and get it uploaded to his repo :wink:

[19:42:23] [Velocity Event Executor - #1/INFO]: [Anti-VPN] Panda_China passed VPN check.

[19:42:23] [Velocity Event Executor - #1/ERROR]: Some errors occurred whilst posting event PostLoginEvent{player=[connected player] Panda_China (/39.89.149.236:14851)}.
[19:42:23] [Velocity Event Executor - #1/ERROR]: #1:

java.lang.NoClassDefFoundError: co/aikar/commands/ACFVelocityListener
at net.kyori.event.asm.generated.f77a69e826.ACFVelocityListener-onPlayerJoin-PostLoginEvent-7.invoke(Unknown Source) ~[?:?]
at net.kyori.event.method.SimpleMethodSubscriptionAdapter$MethodEventSubscriber.invoke(SimpleMethodSubscriptionAdapter.java:148) ~[proxy.jar:1.0.2-SNAPSHOT (git-a8684dde-b158)]
at net.kyori.event.SimpleEventBus.post(SimpleEventBus.java:107) ~[proxy.jar:1.0.2-SNAPSHOT (git-a8684dde-b158)]
at com.velocitypowered.proxy.plugin.VelocityEventManager.fireEvent(VelocityEventManager.java:136) ~[proxy.jar:1.0.2-SNAPSHOT (git-a8684dde-b158)]
at com.velocitypowered.proxy.plugin.VelocityEventManager.lambda$fire$0(VelocityEventManager.java:117) ~[proxy.jar:1.0.2-SNAPSHOT (git-a8684dde-b158)]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) ~[?:1.8.0_211]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) ~[?:1.8.0_211]
at java.lang.Thread.run(Unknown Source) [?:1.8.0_211]
Caused by: java.lang.ClassNotFoundException: co.aikar.commands.ACFVelocityListener
at java.lang.ClassLoader.findClass(Unknown Source) ~[?:1.8.0_211]
at java.lang.ClassLoader.loadClass(Unknown Source) ~[?:1.8.0_211]
at java.lang.ClassLoader.loadClass(Unknown Source) ~[?:1.8.0_211]
… 8 more
[19:42:23] [Netty NIO Worker #2/INFO]: [server connection] Panda_China -> practice has connected
[19:42:24] [Velocity Event Executor - #0/ERROR]: Some errors occurred whilst posting event PlayerSettingsChangedEvent{player=[connected player] Panda_China (/39.89.149.236:14851), playerSettings=co[email protected]1dca4c6}.
[19:42:24] [Velocity Event Executor - #0/ERROR]: #1:

java.lang.NoClassDefFoundError: co/aikar/commands/ACFVelocityListener
at net.kyori.event.asm.generated.f77a69e826.ACFVelocityListener-onSettingsChange-PlayerSettingsChangedEvent-8.invoke(Unknown Source) ~[?:?]
at net.kyori.event.method.SimpleMethodSubscriptionAdapter$MethodEventSubscriber.invoke(SimpleMethodSubscriptionAdapter.java:148) ~[proxy.jar:1.0.2-SNAPSHOT (git-a8684dde-b158)]
at net.kyori.event.SimpleEventBus.post(SimpleEventBus.java:107) ~[proxy.jar:1.0.2-SNAPSHOT (git-a8684dde-b158)]
at com.velocitypowered.proxy.plugin.VelocityEventManager.fireEvent(VelocityEventManager.java:136) ~[proxy.jar:1.0.2-SNAPSHOT (git-a8684dde-b158)]
at com.velocitypowered.proxy.plugin.VelocityEventManager.lambda$fireAndForget$1(VelocityEventManager.java:132) ~[proxy.jar:1.0.2-SNAPSHOT (git-a8684dde-b158)]
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) ~[?:1.8.0_211]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) ~[?:1.8.0_211]
at java.lang.Thread.run(Unknown Source) [?:1.8.0_211]
Caused by: java.lang.ClassNotFoundException: co.aikar.commands.ACFVelocityListener
at java.lang.ClassLoader.findClass(Unknown Source) ~[?:1.8.0_211]
at java.lang.ClassLoader.loadClass(Unknown Source) ~[?:1.8.0_211]
at java.lang.ClassLoader.loadClass(Unknown Source) ~[?:1.8.0_211]
… 8 more

That was an issue with Aikar’s ACF -I believe it should be fixed by now, so give it another shot!

Sorry about that :frowning: