DataSource:
# What type of database do you want to use?
# Valid values: sqlite, mysql
backend: sqlite
# Enable database caching, should improve database performance
caching: true
# Database location
mySQLHost: 127.0.0.1
# Database Port
mySQLPort: '3306'
# Username about Database Connection Infos
mySQLUsername: authme
# Password about Database Connection Infos
mySQLPassword: '12345'
# Database Name, use with converters or as SQLITE database name
mySQLDatabase: authme
# Table of the database
mySQLTablename: authme
# Column of IDs to sort data
mySQLColumnId: id
# Column for storing or checking players nickname
mySQLColumnName: username
# Column for storing players passwords
mySQLColumnPassword: password
# Column for storing players emails
mySQLColumnEmail: email
# Column for Saving if a player is logged in or not
mySQLColumnLogged: isLogged
# Column for storing players IPs
mySQLColumnIp: ip
# Column for storing players lastlogins
mySQLColumnLastLogin: lastlogin
# Column for SaveQuitLocation - X
mySQLlastlocX: x
# Column for SaveQuitLocation - Y
mySQLlastlocY: y
# Column for SaveQuitLocation - Z
mySQLlastlocZ: z
# Column for SaveQuitLocation - World name
mySQLlastlocWorld: world
# Column for RealName
mySQLRealName: realname
settings:
# The name shown in the help messages.
helpHeader: AuthMeReloaded
sessions:
# Do you want to enable the session feature?
# If enabled, when a player authenticates successfully,
# his IP and his nickname is saved.
# The next time the player joins the server, if his IP
# is the same of the last time, and the timeout time
# hasn't expired, he will not need to authenticate.
enabled: false
# After how many minutes a session should expire?
# Consider that session will end only after the timeout time, and
# if the player's ip has changed but the timeout hasn't expired,
# player will be kicked out of sever due to invalidSession!
timeout: 60
# Should the session expire if the player try to login with an
# another IP Address?
sessionExpireOnIpChange: true
restrictions:
# Can not authenticated players chat and see the chat log?
# Care that this feature blocks also all the commands not
# listed in the list below.
allowChat: false
# Can not authenticated players see the chat log?
hideChat: false
# Commands allowed when a player is not authenticated
allowCommands:
- /login
- /register
- /l
- /reg
- /email
- /captcha
# Max number of allowed registrations per IP (default: 1)
maxRegPerIp: 2
# Max allowed username length
maxNicknameLength: 16
# When this setting is enabled, online players can't be kicked out
# due to "Logged in from another Location"
# This setting will prevent potetial security exploits.
ForceSingleSession: true
ForceSpawnLocOnJoin:
# If enabled, every player will be teleported to the world spawnpoint
# after successful authentication.
# The quit location of the player will be overwritten.
# This is different from "teleportUnAuthedToSpawn" that teleport player
# back to his quit location after the authentication.
enabled: false
# WorldNames where we need to force the spawn location
# Case-sensitive!
worlds:
- 'world'
- 'world_nether'
- 'world_the_end'
# This option will save the quit location of the players.
SaveQuitLocation: false
# To activate the restricted user feature you need
# to enable this option and configure the
# AllowedRestrctedUser field.
AllowRestrictedUser: false
# The restricted user feature will kick players listed below
# if they don't match of the defined ip address.
# Example:
# AllowedRestrictedUser:
# - playername;127.0.0.1
AllowedRestrictedUser: []
# Should unregistered players be kicked immediately?
kickNonRegistered: false
# Should players be kicked on wrong password?
kickOnWrongPassword: false
# Should not logged in players be teleported to the spawn?
# After the authentication they will be teleported back to
# their normal position.
teleportUnAuthedToSpawn: false
# Minimum allowed nick length
minNicknameLength: 4
# Can unregistered players walk around?
allowMovement: false
# Should not authenticated players have speed = 0?
# This will reset the fly/walk speed to default value after the login.
removeSpeed: true
# After how many time players who fail to login or register
# should be kicked? Set to 0 to disable.
timeout: 75
# Regex sintax of allowed characters in the player name.
allowedNicknameCharacters: '[a-zA-Z0-9_]*'
# How far can unregistered players walk? Set to 0
# for unlimited radius
allowedMovementRadius: 1
# Enable double check of password when you register
# when it's true, registration require that kind of command:
# /register <password> <confirmPassword>
enablePasswordConfirmation: true
# Should we protect the player inventory before logging in? Requires ProtocolLib.
ProtectInventoryBeforeLogIn: true
# Should we deny the tabcomplete feature before logging in? Requires ProtocolLib.
DenyTabCompleteBeforeLogin: true
# Should we display all other accounts from a player when he joins?
# permission: /authme.admin.accounts
displayOtherAccounts: true
# Ban ip when the ip is not the ip registered in database
banUnsafedIP: false
# Spawn Priority, Values : authme, essentials, multiverse, default
spawnPriority: authme,essentials,multiverse,default
# Maximum Login authorized by IP
maxLoginPerIp: 2
# Maximum Join authorized by IP
maxJoinPerIp: 2
# AuthMe will NEVER teleport players !
noTeleport: false
# Regex syntax for allowed Chars in passwords.
allowedPasswordCharacters: '[\x21-\x7E]*'
# Keeps collisions disabled for logged players
# Works only with MC 1.9
keepCollisionsDisabled: false
GameMode:
# ForceSurvivalMode to player when join ?
ForceSurvivalMode: false
security:
# Minimum length of password
minPasswordLength: 5
# Maximum length of password
passwordMaxLength: 30
# this is very important options,
# every time player join the server,
# if they are registered, AuthMe will switch him
# to unLoggedInGroup, this
# should prevent all major exploit.
# So you can set up on your Permission Plugin
# this special group with 0 permissions, or permissions to chat,
# or permission to
# send private message or all other perms that you want,
# the better way is to set up
# this group with few permissions,
# so if player try to exploit some account,
# they can
# do anything except what you set in perm Group.
# After a correct logged-in player will be
# moved to his correct permissions group!
# Pay attention group name is case sensitive,
# so Admin is different from admin,
# otherwise your group will be wiped,
# and player join in default group []!
# Example unLoggedinGroup: NotLogged
unLoggedinGroup: unLoggedinGroup
# possible values: MD5, SHA1, SHA256, WHIRLPOOL, XAUTH, MD5VB, PHPBB,
# MYBB, IPB3, IPB4, PHPFUSION, SMF, XENFORO, SALTED2MD5, JOOMLA, BCRYPT, WBB3, SHA512,
# DOUBLEMD5, PBKDF2, PBKDF2DJANGO, WORDPRESS, ROYALAUTH, CUSTOM(for developpers only)
passwordHash: SHA256
# salt length for the SALTED2MD5 MD5(MD5(password)+salt)
doubleMD5SaltLength: 8
# If password checking return false, do we need to check with all
# other password algorithm to check an old password?
# AuthMe will update the password to the new passwordHash!
supportOldPasswordHash: false
# Cancel unsafe passwords for being used, put them on lowercase!
#unsafePasswords:
#- '123456'
#- 'password'
unsafePasswords:
- 'password'
- 'qwerty'
- '12345'
- '54321'
registration:
# enable registration on the server?
enabled: true
# Send every X seconds a message to a player to
# remind him that he has to login/register
messageInterval: 5
# Only registered and logged in players can play.
# See restrictions for exceptions
force: true
# Do we replace password registration by an email registration method?
enableEmailRegistrationSystem: false
# Enable double check of email when you register
# when it's true, registration require that kind of command:
# /register <email> <confirmEmail>
doubleEmailCheck: false
# Do we force kicking player after a successful registration?
# Do not use with login feature below
forceKickAfterRegister: false
# Does AuthMe need to enforce a /login after a successful registration?
forceLoginAfterRegister: false
unrestrictions:
# below you can list all account names that
# AuthMe will ignore for registration or login, configure it
# at your own risk!! Remember that if you are going to add
# nickname with [], you have to delimit name with ' '.
# this option add compatibility with BuildCraft and some
# other mods.
# It is CaseSensitive!
UnrestrictedName: []
# Message language, available : en, de, br, cz, pl, fr, ru, hu, sk, es, zhtw, fi, zhcn, lt, it, ko, pt
messagesLanguage: fr
# Force these commands after /login, without any '/', use %p for replace with player name
forceCommands: []
# Force these commands after /login as a server console, without any '/', use %p for replace with player name
forceCommandsAsConsole: []
# Force these commands after /register, without any '/', use %p for replace with player name
forceRegisterCommands: []
# Force these commands after /register as a server console, without any '/', use %p for replace with player name
forceRegisterCommandsAsConsole: []
# Do we need to display the welcome message (welcome.txt) after a login?
# You can use colors in this welcome.txt + some replaced strings:
# {PLAYER}: player name, {ONLINE}: display number of online players, {MAXPLAYERS}: display server slots,
# {IP}: player ip, {LOGINS}: number of players logged, {WORLD}: player current world, {SERVER}: server name
# {VERSION}: get current bukkit version, {COUNTRY}: player country
useWelcomeMessage: true
# Do we need to broadcast the welcome message to all server or only to the player? set true for server or false for player
broadcastWelcomeMessage: false
# Should we delay the join message and display it once the player has logged in?
delayJoinMessage: false
# Should we remove the leave messages of unlogged users?
removeUnloggedLeaveMessage: false
# Should we remove join messages altogether?
removeJoinMessage: false
# Should we remove leave messages altogether?
removeLeaveMessage: false
# Do we need to add potion effect Blinding before login/register?
applyBlindEffect: false
# Do we need to prevent people to login with another case?
# If Xephi is registered, then Xephi can login, but not XEPHI/xephi/XePhI
preventOtherCase: false
# Log level: INFO, FINE, DEBUG. Use INFO for general messages,
# FINE for some additional detailed ones (like password failed),
# and DEBUG for debug messages
logLevel: 'FINE'
# By default we schedule async tasks when talking to the database
# If you want typical communication with the database to happen synchronously, set this to false
useAsyncTasks: true
ExternalBoardOptions:
# MySQL column for the salt, needed for some forum/cms support
mySQLColumnSalt: ''
# MySQL column for the group, needed for some forum/cms support
mySQLColumnGroup: ''
# -1 mean disabled. If u want that only
# activated player can login in your server
# u can put in this options the group number
# of unactivated user, needed for some forum/cms support
nonActivedUserGroup: -1
# Other MySQL columns where we need to put the Username (case sensitive)
mySQLOtherUsernameColumns: []
# How much Log to Round needed in BCrypt(do not change it if you do not know what's your doing)
bCryptLog2Round: 10
# phpBB prefix defined during phpbb installation process
phpbbTablePrefix: 'phpbb_'
# phpBB activated group id, 2 is default registered group defined by phpbb
phpbbActivatedGroupId: 2
# WordPress prefix defined during WordPress installation process
wordpressTablePrefix: 'wp_'
permission:
# Take care with this options, if you dont want
# to use Vault and Group Switching of
# AuthMe for unloggedIn players put true
# below, default is false.
EnablePermissionCheck: false
BackupSystem:
# Enable or Disable Automatic Backup
ActivateBackup: false
# set Backup at every start of Server
OnServerStart: false
# set Backup at every stop of Server
OnServerStop: true
# Windows only mysql installation Path
MysqlWindowsPath: 'C:\Program Files\MySQL\MySQL Server 5.1\'
Security:
SQLProblem:
# Stop the server if we can't contact the sql database
# Take care with this, if you set that to false,
# AuthMe automatically disable and the server is not protected!
stopServer: true
ReloadCommand:
# /reload support
useReloadCommandSupport: true
console:
# Replace passwords in the console when player type a command like /login
removePassword: true
# Copy AuthMe log output in a separate file as well?
logConsole: true
captcha:
# Enable captcha when a player uses wrong password too many times
useCaptcha: false
# Max allowed tries before a captcha is required
maxLoginTry: 5
# Captcha length
captchaLength: 5
tempban:
# Tempban a user's IP address if they enter the wrong password too many times
enableTempban: false
# How many times a user can attempt to login before their IP being tempbanned
maxLoginTries: 10
# The length of time a IP address will be tempbanned in minutes
# Default: 480 minutes, or 8 hours
tempbanLength: 480
# How many minutes before resetting the count for failed logins by IP and username
# Default: 480 minutes (8 hours)
minutesBeforeCounterReset: 480
recoveryCode:
# Number of characters a recovery code should have (0 to disable)
length: 8
# How many hours is a recovery code valid for?
validForHours: 4
Converter:
Rakamak:
# Rakamak file name
fileName: users.rak
# Rakamak use ip ?
useIP: false
# IP file name for rakamak
ipFileName: UsersIp.rak
CrazyLogin:
# CrazyLogin database file
fileName: accounts.db
Email:
# Email SMTP server host
mailSMTP: smtp.gmail.com
# Email SMTP server port
mailPort: 465
# Email account that send the mail
mailAccount: ''
# Email account password
mailPassword: ''
# Custom SenderName, that replace the mailAccount name in the email
mailSenderName: ''
# Random password length
RecoveryPasswordLength: 8
# Email subject of password get
mailSubject: 'Your new AuthMe password'
# Like maxRegPerIp but with email
maxRegPerEmail: 1
# Recall players to add an email?
recallPlayers: false
# Delay in minute for the recall scheduler
delayRecall: 5
# Blacklist these domains for emails
emailBlacklisted:
- 10minutemail.com
# WhiteList only these domains for emails
emailWhitelisted: []
# Do we need to send new password draw in an image?
generateImage: false
# The email OAuth 2 token (leave empty if not used)
emailOauth2Token: ''
Hooks:
# Do we need to hook with multiverse for spawn checking?
multiverse: true
# Do we need to hook with BungeeCord ?
bungeecord: false
# Send player to this BungeeCord server after register/login
sendPlayerTo: ''
# Do we need to disable Essentials SocialSpy on join?
disableSocialSpy: true
# Do we need to force /motd Essentials command on join?
useEssentialsMotd: false
Purge:
# If enabled, AuthMe automatically purges old, unused accounts
useAutoPurge: false
# Number of Days an account become Unused
daysBeforeRemovePlayer: 60
# Do we need to remove the player.dat file during purge process?
removePlayerDat: false
# Do we need to remove the Essentials/users/player.yml file during purge process?
removeEssentialsFile: false
# World where are players.dat stores
defaultWorld: 'world'
# Do we need to remove LimitedCreative/inventories/player.yml, player_creative.yml files during purge process ?
removeLimitedCreativesInventories: false
# Do we need to remove the AntiXRayData/PlayerData/player file during purge process?
removeAntiXRayFile: false
# Do we need to remove permissions?
removePermissions: false
Protection:
# Enable some servers protection ( country based login, antibot )
enableProtection: false
# Apply the protection also to registered usernames
enableProtectionRegistered: true
# Countries allowed to join the server and register, see http://dev.bukkit.org/bukkit-plugins/authme-reloaded/pages/countries-codes/ for countries' codes
# PLEASE USE QUOTES!
countries:
- 'US'
- 'GB'
# Countries blacklisted automatically (without any needed to enable protection)
# PLEASE USE QUOTES!
countriesBlacklist:
- 'A1'
# Do we need to enable automatic antibot system?
enableAntiBot: true
# Max number of player allowed to login in 5 secs before enable AntiBot system automatically
antiBotSensibility: 4
# Duration in minutes of the antibot automatic system
antiBotDuration: 10
GroupOptions:
# Registered permission group
RegisteredPlayerGroup: ''
# Unregistered permission group
UnregisteredPlayerGroup: ''
