Download ServerConfigCleaner — Minecraft Mods — MetaMods

ServerConfigCleaner

Active

0.0

0 reviews
Download

Downloads

0

Last update

9 months ago

Versions

1.13.2 — 1.21.4
Server
Forge
Neoforge
Utils
Download

ServerConfigCleaner — Protection for Server Configuration Files

The Danger of Configuration Synchronization

Both NeoForge and MinecraftForge automatically synchronize all contents of server configs with clients. The problem is that many developers don't fully understand this feature and sometimes store confidential data in such configurations — for example, Discord bot tokens or other secret values. This means that any player connecting to your server can access this data. The ServerConfigCleaner mod solves this problem by removing sensitive values before sending the configuration to clients.

Compatibility with Minecraft Versions and Loaders

Since the mod works with a wide range of Minecraft versions and two main loaders, the version numbering scheme looks as follows:

Loader Minecraft Version Mod Version Suffix
MinecraftForge 1.13.2 - 1.16.5 -1.13.2
MinecraftForge 1.17.x - 1.20.1 -1.17.1
NeoForge 1.20.1 -1.17.1
MinecraftForge 1.20.2+ -1.20.2-mcf
NeoForge 1.20.2 - 1.20.5 -1.20.2-neo
NeoForge 1.21.0+ -1.21.0-neo

How the Protection Works

The mod operates in two stages:

First Stage: Detection of Potentially Dangerous Settings

During startup, ServerConfigCleaner analyzes all configuration options for potentially dangerous information. Since this process is based on heuristic algorithms, the detected settings require manual classification in the configuration file config/serverconfigcleaner-common.toml:

  • False Positives: Most discovered options are harmless settings that simply matched search patterns. For example, the logistics.seatHostileMobs parameter from the Create mod might be wrongly identified as dangerous due to the presence of the substring Host. Such values should be added to the falsePositives list.

  • Sensitive Settings: Truly dangerous options containing confidential data should be added to the doNotSync list. For example: doNotSync = ["mymod:discord.token"].

Second Stage: Filtration During Synchronization

On the server, the mod intercepts the configuration synchronization process. If an option was marked as confidential in the first stage, its value is replaced with the default value before being sent to clients. Since for such options the default value is usually a harmless constant like INSERT BOT TOKEN HERE, this allows safely transmitting the configuration structure without revealing secret data.

Important Information

The mod comes with pre-installed lists of known issues and safe options, so in most cases you won't need to perform additional manual configuration.

Project members
malte0811

malte0811

Developer
ThatGravyBoat

ThatGravyBoat

Developer
TelepathicGrunt

TelepathicGrunt

Developer

Created: 22 Dec 2024

ID: 68268