text/gemini
# Why did "matscan" join my Minecraft server? (FAQ)
2023-05-29
matscan is a Minecraft bot that joins potentially vulnerable Minecraft servers and sends a message in chat to inform the admins.
# How should I secure my server?
It should’ve told you in its long chat message but some servers might cut it off:
• If the server was meant to be private then enable a whitelist.
• If the server is offline-mode then enable online-mode in the server.properties or install a plugin such as AuthMe.
=> https://dev.bukkit.org/projects/authme-reloaded AuthMe
• If the server has an exposed BungeeCord backend, firewall it, install BungeeGuard, or switch to Velocity.
=> https://www.spigotmc.org/resources/bungeeguard.79601/ BungeeGuard
=> https://papermc.io/software/velocity Velocity
• Enable backups or install a plugin like CoreProtect.
=> https://www.spigotmc.org/resources/coreprotect.8631/ CoreProtect
If you’ve done all of the above, then you’re probably fine.
# How did you find my server?
I scan the internet for Minecraft servers, basically sending a packet to every IP address and seeing which ones respond (it’s a little more complex than this).
# Is your data public?
No. You should still secure your server though since there are several griefing/harassment groups that use their own server scanners.
# Why did Herobrine try to join right before matscan?
matscan will try to join with the username Herobrine first, so if the server is offline-mode then it can demonstrate that people can join with any username. It may also use the username of a historical player if the server is offline-mode but has a whitelist.
# What IP does matscan join from?
The bot will exclusively join from the IP address `151.115.73.107`. This page will be updated if it ever changes in the future.
# How can I contact you?
My Matrix is @mat:matdoes.dev (preferred), but you might be able to find me on other social medias.
=> https://matrix.to/#/@mat:matdoes.dev @mat:matdoes.dev
# How can I help?
If you appreciate the security work I do, please consider funding my projects at ko-fi.com/matdoesdev.
=> https://ko-fi.com/matdoesdev ko-fi.com/matdoesdev
=> /blog ⬅ Back
This content has been proxied by September (ba2dc).