version: "1.1.14"
# Available serializers:
# LEGACY_AMPERSAND - "&c&lExample &c&9Text".
# LEGACY_SECTION - "§c§lExample §c§9Text".
# MINIMESSAGE - "Example Text". (https://webui.adventure.kyori.net/)
# GSON - "[{"text":"Example","bold":true,"color":"red"},{"text":" ","bold":true},{"text":"Text","bold":true,"color":"blue"}]". (https://minecraft.tools/en/json_text.php/)
# GSON_COLOR_DOWNSAMPLING - Same as GSON, but uses downsampling.
serializer: LEGACY_AMPERSAND
prefix: "&x&F&C&D&0&5&Cᴀ&x&F&1&C&4&5&3ʙ&x&E&5&B&8&4&9ᴏ&x&D&A&A&C&4&0ʙ&x&C&F&A&0&3&6ᴀ&x&C&3&9&4&2&Dᴡ&x&B&8&8&8&2&3ᴏ&x&A&D&7&C&1&Aʀ&x&A&1&7&0&1&0ʟ&x&9&6&6&4&0&7ᴅ"
# Don't use \n, use {NL} for new line, and {PRFX} for prefix.
main:
# Maximum time for player to authenticate in milliseconds. If the player stays on the auth limbo for longer than this time, then the player will be kicked.
auth-time: 60000
enable-bossbar: false
# Available colors: PINK, BLUE, RED, GREEN, YELLOW, PURPLE, WHITE
bossbar-color: YELLOW
# Available overlays: PROGRESS, NOTCHED_6, NOTCHED_10, NOTCHED_12, NOTCHED_20
bossbar-overlay: NOTCHED_20
min-password-length: 6
# Max password length for the BCrypt hashing algorithm, which is used in this plugin, can't be higher than 71. You can set a lower value than 71.
max-password-length: 70
check-password-strength: true
unsafe-passwords-file: "unsafe_passwords.txt"
# Players with premium nicknames should register/auth if this option is enabled
# Players with premium nicknames must login with a premium Minecraft account if this option is disabled
online-mode-need-auth: false
# WARNING: its experimental feature, so disable only if you really know what you are doing
# When enabled, this option will keep default 'online-mode-need-auth' behavior
# When disabled, this option will disable premium authentication for unregistered players if they fail it once,
# allowing offline-mode players to use online-mode usernames
# Does nothing when enabled, but when disabled require 'save-premium-accounts: true', 'online-mode-need-auth: false' and 'purge_premium_cache_millis > 100000'
online-mode-need-auth-strict: false
# Needs floodgate plugin if disabled.
floodgate-need-auth: true
# TOTALLY disables hybrid auth feature
force-offline-mode: false
# Forces all players to get offline uuid
force-offline-uuid: false
# If enabled, the plugin will firstly check whether the player is premium through the local database, and secondly through Mojang API.
check-premium-priority-internal: true
# Delay in milliseconds before sending auth-confirming titles and messages to the player. (login-premium-title, login-floodgate, etc.)
premium-and-floodgate-messages-delay: 1250
# Forcibly set player's UUID to the value from the database
# If the player had the cracked account, and switched to the premium account, the cracked UUID will be used.
save-uuid: true
# Saves in the database the accounts of premium users whose login is via online-mode-need-auth: false
# Can be disabled to reduce the size of stored data in the database
save-premium-accounts: true
enable-totp: true
totp-need-password: true
register-need-repeat-password: true
change-password-need-old-password: true
# Used in unregister and premium commands.
confirm-keyword: "confirm"
# This prefix will be added to offline mode players nickname
offline-mode-prefix: ""
# This prefix will be added to online mode players nickname
online-mode-prefix: ""
# If you want to migrate your database from another plugin, which is not using BCrypt.
# You can set an old hash algorithm to migrate from.
# AUTHME - AuthMe SHA256(SHA256(password) + salt) that looks like $SHA$salt$hash (AuthMe, MoonVKAuth, DSKAuth, DBA)
# AUTHME_NP - AuthMe SHA256(SHA256(password) + salt) that looks like SHA$salt$hash (JPremium)
# SHA256_NP - SHA256(password) that looks like SHA$salt$hash
# SHA256_P - SHA256(password) that looks like $SHA$salt$hash
# SHA512_NP - SHA512(password) that looks like SHA$salt$hash
# SHA512_P - SHA512(password) that looks like $SHA$salt$hash
# SHA512_DBA - DBA plugin SHA512(SHA512(password) + salt) that looks like SHA$salt$hash (DBA, JPremium)
# MD5 - Basic md5 hash
# ARGON2 - Argon2 hash that looks like $argon2i$v=1234$m=1234,t=1234,p=1234$hash
# MOON_SHA256 - Moon SHA256(SHA256(password)) that looks like $SHA$hash (no salt)
# SHA256_NO_SALT - SHA256(password) that looks like $SHA$hash (NexAuth)
# SHA512_NO_SALT - SHA512(password) that looks like $SHA$hash (NexAuth)
# SHA512_P_REVERSED_HASH - SHA512(password) that looks like $SHA$hash$salt (nLogin)
# SHA512_NLOGIN - SHA512(SHA512(password) + salt) that looks like $SHA$hash$salt (nLogin)
# CRC32C - Basic CRC32C hash
# PLAINTEXT - Plain text
migration-hash: AUTHME
# Available dimensions: OVERWORLD, NETHER, THE_END
dimension: OVERWORLD
purge-cache-millis: 3600000
purge-premium-cache-millis: 100000
purge-bruteforce-cache-millis: 28800000
# Used to ban IPs when a possible attacker incorrectly enters the password
bruteforce-max-attempts: 10
# QR Generator URL, set {data} placeholder
qr-generator-url: "https://api.qrserver.com/v1/create-qr-code/?data={data}&size=200x200&ecc=M&margin=30"
totp-issuer: "LimboAuth by Elytrium"
bcrypt-cost: 10
login-attempts: 3
ip-limit-registrations: 4
totp-recovery-codes-amount: 16
# Time in milliseconds, when ip limit works, set to 0 for disable.
ip-limit-valid-time: 21600000
# Regex of allowed nicknames
# ^ means the start of the line, $ means the end of the line
# [A-Za-z0-9_] is a character set of A-Z, a-z, 0-9 and _
# {3,16} means that allowed length is from 3 to 16 chars
allowed-nickname-regex: "^[A-Za-z0-9_]{3,16}$"
load-world: false
# World file type:
# SCHEMATIC (MCEdit .schematic, 1.12.2 and lower, not recommended)
# STRUCTURE (structure block .nbt, any Minecraft version is supported, but the latest one is recommended).
# WORLDEDIT_SCHEM (WorldEdit .schem, any Minecraft version is supported, but the latest one is recommended).
world-file-type: STRUCTURE
world-file-path: "world.nbt"
disable-falling: true
# World time in ticks (24000 ticks == 1 in-game day)
world-ticks: 1000
# World light level (from 0 to 15)
world-light-level: 15
# Available: ADVENTURE, CREATIVE, SURVIVAL, SPECTATOR
game-mode: ADVENTURE
# Custom isPremium URL
# You can use Mojang one's API (set by default)
# Or CloudFlare one's: https://api.ashcon.app/mojang/v2/user/%s
# Or use this code to make your own API: https://blog.cloudflare.com/minecraft-api-with-workers-coffeescript/
# Or implement your own API, it should just respond with HTTP code 200 (see parameters below) only if the player is premium
ispremium-auth-url: "https://api.mojang.com/users/profiles/minecraft/%s"
# Status codes (see the comment above)
# Responses with unlisted status codes will be identified as responses with a server error
# Set 200 if you use using Mojang or CloudFlare API
status-code-user-exists:
- 200
# Set 204 and 404 if you use Mojang API, 404 if you use CloudFlare API
status-code-user-not-exists:
- 204
- 404
# Set 429 if you use Mojang or CloudFlare API
status-code-rate-limit:
- 429
# Sample Mojang API exists response: {"name":"hevav","id":"9c7024b2a48746b3b3934f397ae5d70f"}
# Sample CloudFlare API exists response: {"uuid":"9c7024b2a48746b3b3934f397ae5d70f","username":"hevav", ...}
#
# Sample Mojang API not exists response (sometimes can be empty): {"path":"/users/profiles/minecraft/someletters1234566","errorMessage":"Couldn't find any profile with that name"}
# Sample CloudFlare API not exists response: {"code":404,"error":"Not Found","reason":"No user with the name 'someletters123456' was found"}
#
# Responses with an invalid scheme will be identified as responses with a server error
# Set this parameter to [], to disable JSON scheme validation
user-exists-json-validator-fields:
- "name"
- "id"
json-uuid-field: "id"
user-not-exists-json-validator-fields: []
# If Mojang rate-limits your server, we cannot determine if the player is premium or not
# This option allows you to choose whether every player will be defined as premium or as cracked while Mojang is rate-limiting the server
# True - as premium; False - as cracked
on-rate-limit-premium: true
# If Mojang API is down, we cannot determine if the player is premium or not
# This option allows you to choose whether every player will be defined as premium or as cracked while Mojang API is unavailable
# True - as premium; False - as cracked
on-server-error-premium: true
register-command:
- "/reg"
- "/register"
login-command:
- "/l"
- "/login"
totp-command:
- "/2fa"
- "/totp"
# New players will be kicked with registrations-disabled-kick message
disable-registrations: false
# Implement the automatic login using the plugin, the LimboAuth client mod and optionally using a custom launcher
# See https://github.com/Elytrium/LimboAuth-ClientMod
mod:
enabled: true
# Should the plugin forbid logging in without a mod
login-only-by-mod: false
# The key must be the same in the plugin config and in the server hash issuer, if you use it
verify-key: "Y2ltQl2q2RFyzrRmcTrLYzyN"
world-coords:
x: 0
y: 520
z: 0
auth-coords:
x: 0.0
y: 520.0
z: 0.0
yaw: 0.0
pitch: 0.0
cracked-title-settings:
fade-in: 10
stay: 70
fade-out: 20
clear-after-login: false
premium-title-settings:
fade-in: 10
stay: 70
fade-out: 20
backend-api:
# Should backend API be enabled?
# Required for PlaceholderAPI expansion to work (https://github.com/UserNugget/LimboAuth-Expansion)
enabled: false
# Backend API token
token: "19dgqcbgwg8ta"
# Available endpoints:
# premium_state, hash, totp_token, login_date, reg_date, token_issued_at,
# uuid, premium_uuid, ip, login_ip, token_issued_at
enabled-endpoints:
- "premium_state"
- "login_date"
- "reg_date"
- "uuid"
- "premium_uuid"
- "token_issued_at"
# Available values: FALSE, TRUE, PERMISSION
# FALSE - the command will be disallowed
# TRUE - the command will be allowed if player has false permission state
# PERMISSION - the command will be allowed if player has true permission state
command-permission-state:
# Permission: limboauth.commands.changepassword
change-password: PERMISSION
# Permission: limboauth.commands.destroysession
destroy-session: PERMISSION
# Permission: limboauth.commands.premium
premium: PERMISSION
# Permission: limboauth.commands.totp
totp: PERMISSION
# Permission: limboauth.commands.unregister
unregister: PERMISSION
# Permission: limboauth.admin.forcechangepassword
force-change-password: PERMISSION
# Permission: limboauth.admin.forceregister
force-register: PERMISSION
# Permission: limboauth.admin.forcelogin
force-login: PERMISSION
# Permission: limboauth.admin.forceunregister
force-unregister: PERMISSION
# Permission: limboauth.admin.reload
reload: PERMISSION
# Permission: limboauth.admin.help
help: TRUE
strings:
reload: "{PRFX} &f> &aПерезагружено успешно!"
error-occurred: "{PRFX} &f> &cПроизошла внутренняя ошибка!"
ratelimited: "{PRFX} &f> &cПожалуйста, подождите перед следующим использованием!"
database-error-kick: "{PRFX} &f> &cПроизошла ошибка базы данных!"
not-player: "{PRFX} &f> &cКонсоли не разрешено выполнять эту команду!"
not-registered: "{PRFX} &f> &cВы не зарегистрированы или ваш аккаунт &bПРЕМИУМ!"
cracked-command: "{PRFX}{NL}&fВы не можете использовать эту команду, так как ваша учетная запись &6ПРЕМИУМ&f!"
wrong-password: "{PRFX} &f> &cНеверный пароль!"
nickname-invalid-kick: "{PRFX}{NL}&cВаш никнейм содержит запрещенные символы. Пожалуйста, смените никнейм!"
reconnect-kick: "{PRFX}{NL}&cПереподключитесь к серверу, чтобы подтвердить свою учетную запись!"
# 6 hours by default in ip-limit-valid-time
ip-limit-kick: "{PRFX}{NL}{NL}&cВаш IP достиг максимального количества зарегистрированных учетных записей. Если это ошибка, перезагрузите маршрутизатор или подождите около 6 часов."
wrong-nickname-case-kick: "{PRFX}{NL}&fВы должны присоединиться, используя имя пользователя &c{0}&f, а не &c{1}&f."
bossbar: "{PRFX} &f> &fУ вас осталось &c{0} &fсекунд для входа в систему."
times-up: "{PRFX}{NL}&cВремя авторизации истекло."
login-premium: "{PRFX} &f> &fВы вошли в систему автоматически, используя премиум-аккаунт!" # Can be empty.
login-premium-title: "{PRFX} &f> &aДобро пожаловать!" # Can be empty.
login-premium-subtitle: "&fВы вошли в систему как премиум-игрок!" # Can be empty.
login-floodgate: "{PRFX} &f> Вы вошли в систему автоматически, используя учетную запись Bedrock!" # Can be empty.
login-floodgate-title: "{PRFX} &f> &aДобро пожаловать!" # Can be empty.
login-floodgate-subtitle: "&fВы вошли в систему как основоположник!" # Can be empty.
login: "{PRFX} &f> &fИспользование: &5/login &f(пароль)"
login-wrong-password: "{PRFX} &f> &cВы ввели неправильный пароль, у вас осталось {0} попыток."
login-wrong-password-kick: "{PRFX}{NL}&cВы ввели неправильный пароль несколько раз!"
login-successful: "{PRFX} &f> &aУспешно вошли в систему!"
login-title: "{PRFX}" # Can be empty.
login-subtitle: "&fИспользование: &5/login &f(пароль)" # Can be empty.
login-successful-title: "{PRFX}" # Can be empty.
login-successful-subtitle: "&aУспешно вошли в систему!" # Can be empty.
# Or if register-need-repeat-password set to false remove the "" part.
register: "{PRFX} &f> &fИспользование: &5/register &f(пароль) (пароль)"
register-different-passwords: "{PRFX} &f> &cВведенные пароли отличаются друг от друга!"
register-password-too-short: "{PRFX} &f> &cВы ввели слишком короткий пароль, используйте другой!"
register-password-too-long: "{PRFX} &f> &cВы ввели слишком длинный пароль, используйте другой!"
register-password-unsafe: "{PRFX} &f> &cВаш пароль ненадежен, используйте другой!"
register-successful: "{PRFX} &f> &aУспешно зарегистрирован!"
register-title: "{PRFX}" # Can be empty.
register-subtitle: "&fИспользование: &5/register &f(пароль) (пароль)" # Can be empty.
register-successful-title: "{PRFX}" # Can be empty.
register-successful-subtitle: "&aУспешно зарегистрирован!" # Can be empty.
unregister-successful: "{PRFX}{NL}&aУспешно незарегистрированный!"
unregister-usage: "{PRFX} &f> Использование: &5/unregister &f(текущий пароль) подтвердить"
premium-successful: "{PRFX}{NL}&fСостояние учетной записи успешно изменено на &bПРЕМИУМ&f!"
already-premium: "{PRFX} &f> &cВаш аккаунт уже &bПРЕМИУМ&c!"
not-premium: "{PRFX} &f> &cВаш аккаунт не &bПРЕМИУМ&c!"
premium-usage: "{PRFX} &f> Использование: &5/premium &f(текущий пароль) подтвердить"
event-cancelled: "{PRFX} &f> Событие авторизации было отменено"
force-unregister-successful: "{PRFX} &f> &a{0} &aУспешно незарегистрированный!"
force-unregister-kick: "{PRFX}{NL}&aВы были сняты с регистрации администратором!"
force-unregister-not-successful: "{PRFX} &f> &cНевозможно отменить регистрацию &c{0}&c. Скорее всего этот игрок никогда не был на этом сервере."
force-unregister-usage: "{PRFX} &f> Использование: &5/forceunregister &f(ник)"
registrations-disabled-kick: "{PRFX} &f> &cВ настоящее время регистрации отключены."
change-password-successful: "{PRFX} &f> &aПароль успешно изменен!"
# Or if change-password-need-old-pass set to false remove the "" part.
change-password-usage: "{PRFX} &f> &fИспользование: &5/changepassword &f(старый пароль) (новый пароль)"
force-change-password-successful: "{PRFX} &f> &fПароль для игрока &a{0} &fуспешно изменен!"
force-change-password-message: "{PRFX} &f> &fВаш пароль был изменен на &a{0} &fадминистратором!"
force-change-password-not-successful: "{PRFX} &f> &fНевозможно изменить пароль для &a{0}&f. Скорее всего этот игрок никогда не был на этом сервере."
force-change-password-not-registered: "{PRFX} &f> &fИгрок &a{0}&f не зарегистрирован."
force-change-password-usage: "{PRFX} &f> &fИспользование: &5/forcechangepassword &f(ник) (новый пароль)"
force-register-usage: "{PRFX} &f> &fИспользование: &5/forceregister &f(ник) (пароль)"
force-register-incorrect-nickname: "{PRFX} &f> &cНик содержит запрещенные символы."
force-register-taken-nickname: "{PRFX} &f> &cЭтот ник уже занят."
force-register-successful: "{PRFX} &f> Успешно зарегистрированный игрок &a{0}!"
force-register-not-successful: "{PRFX} &f> Не могу зарегистрировать игрока &a{0}&f."
force-login-usage: "{PRFX} Usage: &6/forcelogin "
force-login-successful: "{PRFX} &aSuccessfully authenticated &6{0}&a!"
force-login-unknown-player: "{PRFX} &cUnable to find authenticating player with username &6{0}&a!"
totp: "{PRFX} &f> Пожалуйста, введите ключ 2FA с помощью &5/2fa &f(ключ)"
totp-title: "{PRFX}" # Can be empty.
totp-subtitle: "&fВведите ключ 2FA, используя &5/2fa &f(ключ)" # Can be empty.
totp-successful: "{PRFX} &f> &aУспешно включил 2FA!"
totp-disabled: "{PRFX} &f> &aУспешно отключил 2FA!"
# Or if totp-need-pass set to false remove the "" part.
totp-usage: "{PRFX} &f> Использование: &5/2fa enable &f(текущий пароль) или &5/2fa disable &f(верхний ключ)."
totp-wrong: "{PRFX} &f> &cНеверный ключ 2FA!"
totp-already-enabled: "{PRFX} &f> 2FA уже включен. Отключите его с помощью &5/2fa disable &f(ключ)."
totp-qr: "{PRFX} &f> Нажмите здесь, чтобы открыть QR-код 2FA в браузере."
totp-token: "{PRFX} &f> &fВаш токен двухфакторной аутентификации &7(Нажмите, чтобы скопировать)&f: &a{0}"
totp-recovery: "{PRFX} &f> &fВаши коды восстановления &7(Нажмите, чтобы скопировать)&f: &a{0}"
destroy-session-successful: "{PRFX} &f> &cВаша сессия теперь уничтожена, вам нужно снова войти в систему после повторного подключения."
mod-session-expired: "{PRFX} &f> &cСрок действия вашего сеанса истек, войдите снова."
# Database settings
database:
# Database type: mariadb, mysql, postgresql, sqlite or h2.
storage-type: MARIADB
# Settings for Network-based database (like MySQL, PostgreSQL):
hostname: "100.107.33.61:64000"
user: "u20_iAdJFuiHWu"
password: "xVXEHtA^u.w9i9sr=IegfKvu"
database: "s20_AbobaWorld"
connection-parameters: "?autoReconnect=true&initialTimeout=1&useSSL=false"