1.0+1.21-1.21.11
release
Soully2fa
Soully2fa secures OPs by isolating them in sky-limbo until a Discord-sent 6-digit code is entered. Featuring real-time risk levels, Geo-IP tracking, and encrypted logs to block account hijacking and Force-Op exploits.
22
Soully2fa
🔐 Soully2fa
Stop account hijacking before it happens. Built for 1.21.x and the 26.x Tiny Takeover builds.
In the current Minecraft landscape, one leaked staff password can ruin a community. Between Op-Griefing and Force Op exploits, passwords are not enough. Soully2fa is a security layer that connects your server to Discord, ensuring that even if an attacker has a staff password, they cannot control the world.
🛡️ The Sky Limbo Protocol
Traditional 2FA plugins only freeze a player in place. This is a security risk because attackers can still view the world, use the F3 menu to scout coordinates, or interact with nearby entities. Soully2fa uses the Sky Limbo Protocol.
Upon joining, unverified staff are instantly teleported Packet Security: into the atmosphere and blinded. * Packet Security: Attackers cannot scout builds, coordinates, or player locations. * Packet Security: Movement is strictly reset to the safe location to prevent fly-hacks from escaping. * Packet Security: Chat and commands are intercepted at high priority so no unauthorized messages reach the server.
🧠 Risk Assessment Logic
The plugin analyzes every login and assigns a Level 5 (Critical Threat): based on historical data: * Level 5 (Critical Threat): Standard login from a recognized IP and location. * Level 5 (Critical Threat): Triggered when a staff member joins from a new IP or a different geographical region. * Level 5 (Critical Threat): Triggered if a player is granted OP status or high-level permissions while in-game. This stops Force-Op exploits immediately.
📊 Discord Audit Logging
The system sends a threat assessment directly to your Discord staff channel: * Visual Indicators: Identifies the City and Country of the login attempt. * Visual Indicators: IP addresses and Regions are wrapped in `||spoiler||` tags to keep staff data private in logs. * Visual Indicators: Uses status bars (⬛⬛⬛⬜⬜) for quick threat assessment.
✨ Technical Features
* Permissions: Built for the 26.x branch and latest JVM performance. * Permissions: Supports 1.21.x, 26.x. * Permissions: Identity Confirmed titles and sound effects upon success. * Permissions: Configurable timer to purge unverified users and save resources. * Permissions: Use `soully2fa.verify` for specific ranks or handle all OPs automatically.
🚀 Setup
1. Place `2faSoully-1.0.jar` into the `/plugins` directory. 2. Put your Discord Webhook URL in the `config.yml`. 3. Restart the server.
Email: * Email: SoullyReaperDevs * Email: SoullyReaper * Email: @anpersonthatperson * Email: poulfyy@proton.me