Merge pull request 'feature-34-antibot' (#6) from feature-34 into develop

Reviewed-on: #6
2025-07-22 19:25:59 +00:00 · 2025-07-22 19:25:59 +00:00 · 88e905e7af
commit 88e905e7af
parent 69422189fb ca007a8c66
8 changed files with 642 additions and 0 deletions
--- a/.dockerignore
+++ b/.dockerignore
@ -7,4 +7,6 @@ src/plugins/luckperms/libs
 .crowdin
 src/plugins/pv-addon-groups/groups.json
 src/plugins/sonar/lib
 src/plugins/advancedserverlist/playercache.json
--- a/.gitignore
+++ b/.gitignore
@ -9,4 +9,6 @@ src/plugins/luckperms/libs
 .crowdin
 src/plugins/pv-addon-groups/groups.json
 src/plugins/sonar/lib
 src/plugins/advancedserverlist/playercache.json
--- a/13
+++ b/13
@ -47,6 +47,12 @@ ENV SKINSRESTORER_DB_PASSWORD=0000
 ENV VOICE_SECRET=00000000-0000-0000-0000-000000000000
 ENV VOICE_SERVERS=lobby="lobby:25565";survival="survival:25565"
 ENV SONAR_DB_HOST=127.0.0.1
 ENV SONAR_DB_PORT=3306
 ENV SONAR_DB_NAME=sonar_db
 ENV SONAR_DB_USERNAME=sonar
 ENV SONAR_DB_PASSWORD=0000
 WORKDIR ${WORKDIR_PATH}/config
 EXPOSE 25565/tcp
@ -95,4 +101,11 @@ CMD \
    # Add server list to Plasmo Voice config
    awk -v servers_str="${VOICE_SERVERS}" '{ count=split(servers_str,servers_arr,";"); servers_fmt_str = ""; for (i = 1; i <= count; i++) servers_fmt_str = servers_fmt_str servers_arr[i] "\n"; sub(/_SERVERS_/,servers_fmt_str); print }' plugins/plasmovoice/config.toml > plugins/plasmovoice/config.toml.tmp && mv -T -f plugins/plasmovoice/config.toml.tmp plugins/plasmovoice/config.toml && \
    # Add database info to sonar config
    sed -i "s/_SONAR_DB_HOST_/${SONAR_DB_HOST}/g" plugins/sonar/config.yml && \
    sed -i "s/_SONAR_DB_PORT_/${SONAR_DB_PORT}/g" plugins/sonar/config.yml && \
    sed -i "s/_SONAR_DB_NAME_/${SONAR_DB_NAME}/g" plugins/sonar/config.yml && \
    sed -i "s/_SONAR_DB_USERNAME_/${SONAR_DB_USERNAME}/g" plugins/sonar/config.yml && \
    sed -i "s/_SONAR_DB_PASSWORD_/${SONAR_DB_PASSWORD}/g" plugins/sonar/config.yml && \
    java -Xms${MEMORY} -Xmx${MEMORY} -XX:+UseG1GC -XX:G1HeapRegionSize=4M -XX:+UnlockExperimentalVMOptions -XX:+ParallelRefProcEnabled -XX:+AlwaysPreTouch -XX:MaxInlineLevel=15 -jar *.jar
--- a/src/plugins/Sonar-Velocity.jar
+++ b/src/plugins/Sonar-Velocity.jar
--- a/src/plugins/sonar/config.yml
+++ b/src/plugins/sonar/config.yml
@ -0,0 +1,213 @@
 #
 #   /$$$$$$
 #  /$$__  $$
 # | $$  \__/  /$$$$$$  /$$$$$$$   /$$$$$$   /$$$$$$
 # |  $$$$$$  /$$__  $$| $$__  $$ |____  $$ /$$__  $$
 #  \____  $$| $$  \ $$| $$  \ $$  /$$$$$$$| $$  \__/
 #  /$$  \ $$| $$  | $$| $$  | $$ /$$__  $$| $$
 # |  $$$$$$/|  $$$$$$/| $$  | $$|  $$$$$$$| $$
 #  \______/  \______/ |__/  |__/ \_______/|__/
 #
 # Need help or have questions? https://jonesdev.xyz/discord
 # Source code: https://github.com/jonesdevelopment/sonar
 # Documentation: https://docs.jonesdev.xyz/administration/configuring-sonar
 # Copyright Jones Development and Sonar Contributors, licensed under GPL-3.0
 #
 # General settings for Sonar
 general:
  # Should Sonar automatically check for new updates?
  # Sonar uses the GitHub API to check if the current version is outdated
  check-for-updates: true
  # Should Sonar log players' IP addresses in console?
  log-player-addresses: true
  # Maximum number of players online with the same IP address
  max-online-per-ip: 3
 # Sensitivity settings for the attack tracker
 # Only edit this if you know what you're doing
 attack-tracker:
  # Minimum number of new players in order for an attack to be detected
  min-players-for-attack: 8
  # Amount of time that has to pass in order for an attack to be over
  # (This value represents the time in milliseconds: 1 second = 1000 milliseconds)
  min-attack-duration: 30000
  # Number of times an incident has to be reported to be acknowledged as an attack
  # This number acts as a buffer to filter out false attack notifications
  min-attack-threshold: 2
  # Amount of time that has to pass in order for a new attack to be detected
  # (This value represents the time in milliseconds: 1 second = 1000 milliseconds)
  attack-cooldown-delay: 3000
 # You can connect Sonar to a database to keep verified players even after restarting your server
 # Note: IP addresses are saved in plain text. You are responsible for keeping your database safe!
 database:
  # Type of database Sonar uses to store verified players
  # Possible types: NONE, MYSQL, MARIADB, H2
  type: MARIADB
  # File in Sonar's plugin directory used for the H2 database
  filename: verified_players
  # Host address for authenticating with the SQL database
  host: _SONAR_DB_HOST_
  # Port for authenticating with the SQL database
  port: _SONAR_DB_PORT_
  # Name of the SQL database
  name: _SONAR_DB_NAME_
  # Username for authenticating with the SQL database
  username: _SONAR_DB_USERNAME_
  # Password for authenticating with the SQL database
  password: '_SONAR_DB_PASSWORD_'
  # How many days should Sonar keep verified players in the database?
  maximum-age: 5
 # Every new login request will be queued to avoid spam join attacks
 # The queue is updated every 1 second (20 ticks)
 queue:
  # Number of concurrent queue polls per 1 second
  max-polls: 30
 # Every new player that joins for the first time will be sent to
 # a lightweight limbo server where advanced bot checks are performed
 verification:
  # When should Sonar verify new players?
  # Possible types: ALWAYS, DURING_ATTACK
  # - ALWAYS: New players will always be checked (Recommended)
  # - DURING_ATTACK: New players will only be checked during an attack
  timing: ALWAYS
  checks:
    # Checks if the players' falling motion is following Minecraft's gravity formula
    # All predicted motions are precalculated to save performance
    gravity:
      # Should Sonar check for valid client gravity? (Recommended)
      enabled: true
      # Should Sonar make the player solve a CAPTCHA if they fail the gravity check?
      captcha-on-fail: false
      # The number of ticks the player has to fall to be allowed to hit the platform
      max-movement-ticks: 8
    # Checks if the player is colliding with blocks spawned below them
    collision:
      # Should Sonar check if the player collides with blocks? (Recommended)
      enabled: true
    # Checks if the client sends proper packets when entering a boat
    vehicle:
      # Should Sonar check if the player properly enters a boat?
      enabled: true
      # Minimum number of packets sent by the client
      minimum-packets: 2
    # Make the player type a code from a virtual map in chat
    map-captcha:
      # When should Sonar make the player solve a CAPTCHA?
      # Possible types: ALWAYS, DURING_ATTACK, NEVER
      # - ALWAYS: New players will always receive a CAPTCHA
      # - DURING_ATTACK: New players will only receive a CAPTCHA during an attack
      # - NEVER: New players will never receive a CAPTCHA (Recommended)
      timing: NEVER
      # Path to the background image Sonar uses for the CAPTCHA
      # If the image isn't found, a noise will be used as the default background.
      # You can put the name of the file here if the file is in Sonar's plugin directory
      background: ''
      # Style of the map CAPTCHA (Default: 'modern').
      # To use the old design, set this to 'legacy'.
      style: modern
      # How many CAPTCHA answers should Sonar prepare?
      # This task happens asynchronously in the background
      precompute: 500
      # How long should Sonar wait until the player fails the CAPTCHA?
      # (This value represents the time in milliseconds: 1 second = 1000 milliseconds)
      max-duration: 30000
      # How many times must a player fail the CAPTCHA before failing the verification?
      max-tries: 3
      # Characters (letters/numbers) that are allowed to appear in the answer to the CAPTCHA
      # It is not recommended to add numbers or letters that might look like one another.
      # You should only edit this if you know what you're doing
      alphabet: abcdefhjkmnoprstuxyz
    # Checks if the players are sending a valid client brand to the server
    client-brand:
      # Should Sonar check for valid client brands? (Recommended)
      enabled: true
      # Regex for validating client brands during verification
      valid-regex: ^[!-~ ]+$
      # Maximum client brand length during verification
      max-length: 64
    # Regex for validating usernames during verification
    valid-name-regex: ^[a-zA-Z0-9_]+$
    # Regex for validating client locale during verification
    valid-locale-regex: ^[a-zA-Z_]+$
  # If enabled, the player will be transferred back to the origin server
  # after successfully passing the bot verification.
  # This feature was introduced by Mojang in Minecraft version 1.20.5
  # https://docs.jonesdev.xyz/administration/configuring-sonar/configuring-the-verification/using-1.20.5+-transfers
  transfer:
    # Should Sonar transfer the player to the origin server (instead of kicking them)?
    # For this to work, you must enable the feature in your server's configuration.
    # Additionally, you might want to reduce the amount of login rate-limiting
    # performed by Velocity or other proxies/plugins, as this might prevent the
    # player from being transferred correctly.
    # If your server allows Bedrock players to join via Geyser, make sure to set up
    # TransferTool for Geyser, so Bedrock players are redirected to the correct server.
    # https://github.com/onebeastchris/TransferTool
    enabled: false
    # Which server should Sonar transfer the player to when the verification is passed?
    # Please enter the server IP used by players to normally connect to your server.
    # For example, you can put "mc.hypixel.net" or a direct IP like "1.1.1.1"
    destination-host: play.my-server.com
    # Which port should Sonar use when transferring the player to the origin server?
    # If your server does not need a port to connect to, you can leave this as 25565.
    destination-port: 25565
  # The gamemode of the player during verification
  # Possible types: SURVIVAL, CREATIVE, ADVENTURE
  # - SURVIVAL: all UI components are visible
  # - CREATIVE: health and hunger are hidden
  # - ADVENTURE: all UI components are visible
  gamemode: ADVENTURE
  # Daylight time in the verification world
  # You can find all daylight times here:
  # https://minecraft.wiki/w/Daylight_cycle
  # This is only a visual setting and does not change the verification process!
  # If this value is set to 1000, the packet will not be sent.
  time-of-day: 1000
  # Sonar caches most packets it sends to the client, including the LoginSuccess packet.
  # Which username should Sonar use for the LoginSuccess packet?
  # The username will not be visible to the player without client modifications
  cached-username: Sonar
  # Should Sonar log new verification attempts?
  log-connections: true
  # Should Sonar log new verification attempts during attacks?
  log-during-attack: false
  # Should Sonar log every single movement/position change during verification?
  # This is not recommended for production servers but can be helpful for spotting errors.
  debug-xyz-positions: false
  # Should Sonar also check Geyser (Bedrock) players?
  # This feature is experimental and might cause issues
  # If this is disabled, Bedrock players will be skipped
  check-geyser-players: false
  # The time since the player stopped sending packets before disconnecting
  # (This value represents the time in milliseconds: 1 second = 1000 milliseconds)
  read-timeout: 8000
  # The time since the server stopped sending packets before disconnecting the player
  # (This value represents the time in milliseconds: 1 second = 1000 milliseconds)
  write-timeout: 10000
  # How long should a player wait before reconnecting during verification
  # (This value represents the time in milliseconds: 1 second = 1000 milliseconds)
  rejoin-delay: 5000
  # How long should Sonar remember the number of failed verifications for a player?
  # (This value represents the time in milliseconds: 1 second = 1000 milliseconds)
  remember-time: 120000
  # How long should an IP address be denied from logging in when failing the verification too often?
  # (This value represents the time in milliseconds: 1 second = 1000 milliseconds)
  blacklist-time: 600000
  # How often does a player have to fail the verification in order to be blacklisted?
  # (Set this value to 0 to disable the blacklist entirely)
  blacklist-threshold: 2
  # List of protocol IDs which are unable to join the server at all
  # You can find the full list of all protocol IDs here:
  # https://wiki.vg/Protocol_version_numbers
  # For example, Minecraft 1.20 has the ID 763.
  blacklisted-protocols: []
--- a/src/plugins/sonar/language.properties
+++ b/src/plugins/sonar/language.properties
@ -0,0 +1,29 @@
 #
 #   /$$$$$$
 #  /$$__  $$
 # | $$  \__/  /$$$$$$  /$$$$$$$   /$$$$$$   /$$$$$$
 # |  $$$$$$  /$$__  $$| $$__  $$ |____  $$ /$$__  $$
 #  \____  $$| $$  \ $$| $$  \ $$  /$$$$$$$| $$  \__/
 #  /$$  \ $$| $$  | $$| $$  | $$ /$$__  $$| $$
 # |  $$$$$$/|  $$$$$$/| $$  | $$|  $$$$$$$| $$
 #  \______/  \______/ |__/  |__/ \_______/|__/
 #
 # Need help or have questions? https://jonesdev.xyz/discord
 # Source code: https://github.com/jonesdevelopment/sonar
 # Copyright Jones Development and Sonar Contributors, licensed under GPL-3.0
 #
 # Which language should Sonar use for all configurations?
 # For this to take effect, restart your server or reload Sonar.
 #
 # Values will not be translated if you change your language
 # when all configuration files already exist.
 # If you still want all configuration files to be translated,
 # you have to reset the configuration, messages, and webhook settings.
 #
 # You can view a full list of existing translations here:
 # https://docs.jonesdev.xyz/sonar/translations
 # If a translation does not exist yet, Sonar will use English (en)
 #
 # If you set this option to "system", Sonar will use the system language.
 language=system
--- a/src/plugins/sonar/messages.yml
+++ b/src/plugins/sonar/messages.yml
@ -0,0 +1,320 @@
 #
 #   /$$$$$$
 #  /$$__  $$
 # | $$  \__/  /$$$$$$  /$$$$$$$   /$$$$$$   /$$$$$$
 # |  $$$$$$  /$$__  $$| $$__  $$ |____  $$ /$$__  $$
 #  \____  $$| $$  \ $$| $$  \ $$  /$$$$$$$| $$  \__/
 #  /$$  \ $$| $$  | $$| $$  | $$ /$$__  $$| $$
 # |  $$$$$$/|  $$$$$$/| $$  | $$|  $$$$$$$| $$
 #  \______/  \______/ |__/  |__/ \_______/|__/
 #
 # Need help or have questions? https://jonesdev.xyz/discord
 # Source code: https://github.com/jonesdevelopment/sonar
 # Copyright Jones Development and Sonar Contributors, licensed under GPL-3.0
 #
 # Placeholder for every '<prefix>' in this configuration file
 prefix: <b><yellow>Bebrashield Bot Protection</b> <gray>» <white>
 # Placeholder for every '<support-url>' in this configuration file
 support-url: https://discord.gg/xsyy7d8RfG
 # Placeholder for every '<header>' in this configuration file
 header:
  - <b><yellow>Sonar</b><reset>
  - ''
 # Placeholder for every '<footer>' in this configuration file
 footer:
  - <gray>If you believe that this is an error, contact an administrator.
 # Disconnect message that is shown when someone joins, but there are too many online players with their IP address
 too-many-online-per-ip:
  - <header>
  - <red>There are too many players online with your IP address.
  - <footer>
 # Translations for commands
 commands:
  # Message shown when a player tries running /sonar without permission
  no-permission: <prefix><red>You do not have permission to execute this command.
  # Message shown when someone uses a command incorrectly
  incorrect-usage: '<prefix><red>Usage: /sonar <subcommand-usage>'
  # Message shown when someone provides an invalid IP address (Invalid format)
  invalid-ip-address: <prefix>The IP address you provided seems to be invalid.
  # Message shown when the console runs a command that is player-only
  player-only: <prefix><red>You can only execute this command as a player.
  # Message shown when a player runs a command that is console-only
  console-only: <prefix><red>For security reasons, you can only execute this command
    through console.
  # Message shown when a player does not have permission to execute a certain subcommand
  subcommand-no-permission: <prefix><red>You do not have permission to execute this
    subcommand. <gray>(<permission>)
  # Translations for '/sonar'
  main:
    # Informational message that is shown above everything when running the main command
    header:
      - <yellow>Running <b>Sonar</b> <version> on <platform>.
      - <gray><click:open_url:'https://github.com/jonesdevelopment/sonar'>(C) <copyright-year>
        Jones Development and Sonar Contributors</click>
      - ''
      - <gray>Need help or have any questions?
      - <white><click:open_url:'https://jonesdev.xyz/discord/'><hover:show_text:'(Click
        to open Discord)'>Open a ticket on the Discord </hover></click><click:open_url:'https://github.com/jonesdevelopment/sonar/issues'><hover:show_text:'(Click
        to open GitHub)'>or open a new issue on GitHub.
      - ''
    # Formatting of the list of subcommands shown when running the main command
    subcommands: '<suggest-subcommand><hover:show_text:''<gray>Only players: </gray><only-players><br><gray>Require
      console: </gray><only-console><br><gray>Permission: </gray><white><permission><br><gray>Aliases:
      </gray><aliases>''><dark_aqua> ▪ <gray>/sonar <subcommand>  <white><description></hover></suggest-subcommand>'
    # Formatting for yes (tick) and no (cross) values in the subcommands hover text
    tick: <green>✔</green>
    cross: <red>✗</red>
    # Formatting for the version information
    outdated-version: ' <red><click:open_url:''https://github.com/jonesdevelopment/sonar/releases/latest''><hover:show_text:''(Click
      to download the latest version of Sonar)''>(Outdated)</hover></click></red>'
    unstable-version: ' <gold>(Unstable)</gold>'
    api-error: ' <dark_red><hover:show_text:''Check the server logs for more information''>(API
      error)</hover></dark_red>'
  # Translations for '/sonar reload'
  reload:
    # Description for this subcommand
    description: Reload all configurations
    # Message shown when someone starts reloading Sonar
    start: <prefix>Reloading Sonar...
    # Message shown when Sonar has finished reloading
    finish: <prefix><green>Successfully reloaded <gray>(<time-taken>ms)
  # Translations for '/sonar verbose'
  verbose:
    # Description for this subcommand
    description: Enable or disable Sonar verbose
    # Message shown when a player subscribes to Sonar verbose
    subscribe: <prefix>You are now viewing Sonar verbose.
    # Message shown when a player unsubscribes from Sonar verbose
    unsubscribe: <prefix>You are no longer viewing Sonar verbose.
  # Translations for '/sonar notify'
  notify:
    # Description for this subcommand
    description: Enable or disable attack notifications
    # Message shown when a player subscribes to Sonar attack notifications
    subscribe: <prefix>You are now viewing Sonar attack notifications.
    # Message shown when a player unsubscribes from Sonar attack notifications
    unsubscribe: <prefix>You are no longer viewing Sonar attack notifications.
  # Translations for '/sonar blacklist'
  blacklist:
    # Description for this subcommand
    description: Manage blacklisted IP addresses
    # Message shown when someone tries clearing the blacklist but is empty
    empty: <prefix>The blacklist is currently empty. Therefore, no IP addresses were
      removed from the blacklist.
    # Message shown when someone clears the blacklist
    clear: <prefix>You successfully removed a total of <amount> IP address(es) from
      the blacklist.
    # Message shown when someone checks the size of the blacklist
    size: <prefix>The blacklist currently contains <amount> IP address(es).
    # Message shown when someone removes an IP address from the blacklist
    remove: <prefix>Successfully removed <ip> from the blacklist.
    # Message shown when someone adds an IP address to the blacklist
    add: <prefix>Successfully added <ip> to the blacklist.
    # Message shown when someone adds an IP address to the blacklist, but it is already blacklisted
    ip-duplicate: <prefix>The IP address you provided is already blacklisted.
    # Message shown when someone removes an IP address from the blacklist, but it is not blacklisted
    ip-not-found: <prefix>The IP address you provided is not blacklisted.
  # Translations for '/sonar verified'
  verified:
    # Description for this subcommand
    description: Manage verified IP addresses
    # Message shown when someone tries clearing the list of verified players but is empty
    empty: <prefix>The list of verified players is currently empty. Therefore, no
      players were unverified.
    # Message shown when someone clears the list of verified players
    clear: <prefix>You successfully unverified a total of <amount> unique player(s).
    # Message shown when someone checks the size of the list of verified players
    size: <prefix>There are currently <amount> unique player(s) verified.
    # Message shown when someone un-verifies an IP address
    remove: <prefix>Successfully unverified <ip>.
    # Message shown when someone verifies an IP address
    add: <prefix>Successfully verified <ip>.
    # Message shown when someone tries to verify an IP address/UUID that are already verified
    already: <prefix>The IP address and UUID you provided are already verified.
    # Message shown when someone un-verifies an IP address, but it is not verified
    ip-not-found: <prefix>The IP address you provided is not verified.
    # Message shown when someone looks up the verification history of an IP address
    history: '<prefix><yellow>Previous UUIDs for <ip>:'
    history-entry: ' <gray>▪ <white><uuid>'
  # Translations for '/sonar statistics'
  statistics:
    # Description for this subcommand
    description: Show session statistics of this server
    # Informational message that is shown above everything when viewing the statistics
    header: '<prefix>Showing <statistics-type> statistics for this session:'
    # Message shown when a player tries viewing an unknown statistic
    unknown-type: '<prefix><red>Unknown statistics type! Available statistics: <gray><statistics>'
    # Format of the general statistics message
    general:
      - ' <dark_aqua>▪ <gray>Verified IP addresses: <white><verified>'
      - ' <dark_aqua>▪ <gray>Verifying IP addresses: <white><verifying>'
      - ' <dark_aqua>▪ <gray>Blacklisted IP addresses: <white><blacklisted>'
      - ' <dark_aqua>▪ <gray>Currently queued logins: <white><queued>'
      - ' <dark_aqua>▪ <gray>Total non-unique joins: <white><total-joins>'
      - ' <dark_aqua>▪ <gray>Total verification attempts: <white><total-attempts>'
      - ' <dark_aqua>▪ <gray>Total failed verifications: <white><total-failed>'
      - ' <dark_aqua>▪ <gray>Server uptime: <white><server-uptime>'
    # Format of the CPU statistics message
    cpu:
      - ' <dark_aqua>▪ <gray>Process CPU usage right now: <white><process-cpu>%'
      - ' <dark_aqua>▪ <gray>System CPU usage right now: <white><system-cpu>%'
      - ' <dark_aqua>▪ <gray>Per-core process CPU usage: <white><average-process-cpu>%'
      - ' <dark_aqua>▪ <gray>Per-core system CPU usage: <white><average-system-cpu>%'
      - ' <dark_aqua>▪ <gray>Total amount of virtual cpus: <white><virtual-core-count>'
    # Format of the memory statistics message
    memory:
      - ' <dark_aqua>▪ <gray>Total free memory: <white><free-memory>'
      - ' <dark_aqua>▪ <gray>Total used memory: <white><used-memory>'
      - ' <dark_aqua>▪ <gray>Total maximum memory: <white><max-memory>'
      - ' <dark_aqua>▪ <gray>Total allocated memory: <white><total-memory>'
    # Format of the network statistics message
    network:
      - ' <dark_aqua>▪ <gray>Current incoming used bandwidth: <white><incoming-traffic>'
      - ' <dark_aqua>▪ <gray>Current outgoing used bandwidth: <white><outgoing-traffic>'
      - ' <dark_aqua>▪ <gray>Total incoming used bandwidth: <white><incoming-traffic-ttl>'
      - ' <dark_aqua>▪ <gray>Total outgoing used bandwidth: <white><incoming-traffic-ttl>'
  # Translations for '/sonar dump'
  dump:
    # Description for this subcommand
    description: Print developer information
    # Format of the information sent to console
    log: 'Generated dump: <dumped-json-data>'
 # Translations for all messages during the verification process
 verification:
  # Translations for all debug messages during the verification
  logs:
    # Message logged to console whenever a new player joins the server
    connection: <username>/<ip> (<protocol>) has connected.
    # Message logged to console whenever a player fails verification
    failed: '<username>/<ip> (<protocol>) has failed the bot check for: <reason>'
    # Message logged to console whenever a player is blacklisted
    blacklisted: <username>/<ip> (<protocol>) was blacklisted for too many failed
      attempts
    # Message logged to console whenever a player is verified
    successful: <username> has been verified successfully (<time-taken>s!).
  # Messages that are shown to the player when they are supposed to enter the CAPTCHA
  captcha:
    # Message shown to the player when they have to enter the answer to the CAPTCHA
    enter: <prefix><green>Please enter the text in chat that is displayed on the map.
    # Message shown to the player when they enter the wrong answer in chat
    incorrect: <prefix><red>You have entered a wrong answer! Please try again.
  # Message shown to the player when they are being verified
  # Set this to '' to disable the welcome message entirely
  welcome: <prefix><green>You are being verified. Please do not move; this is an automatic
    process.
  # Disconnect message that is shown when someone joins while the captcha hasn't been prepared yet
  currently-preparing:
    - <header>
    - <yellow>Your anti-bot data has not been prepared yet.
    - <gray>Please wait a few seconds before trying to verify again.
    - <footer>
  # Disconnect message that is shown when someone joins with an unsupported Minecraft version
  unsupported-version:
    - <header>
    - <red>This server does not support your version of Minecraft.
    - <footer>
  # Disconnect message that is shown when someone rejoins too fast during verification
  too-fast-reconnect:
    - <header>
    - <gold>You reconnected too fast, try again later.
    - <gray>Please wait a few seconds before trying to verify again.
    - <footer>
  # Disconnect message that is shown when someone joins but is already verifying
  already-verifying:
    - <header>
    - <red>Your IP address is currently being verified.
    - <red>Please wait a few seconds before trying to verify again.
    - <footer>
  # Disconnect message that is shown when someone joins but is already queued for verification
  already-queued:
    - <header>
    - <red>Your IP address is currently queued for verification.
    - <red>Please wait a few minutes before trying to verify again.
    - <footer>
  # Disconnect message that is shown when someone joins but is temporarily blacklisted
  blacklisted:
    - <header>
    - <red>You are currently denied from entering the server.
    - <red>Please wait a few minutes to be able to join the server again.
    - <gold>False positive? <gray><support-url>
    - <footer>
  # Disconnect message that is shown when someone joins with an invalid username
  invalid-username:
    - <header>
    - <red>Your username contains invalid characters.
    - <footer>
  # Disconnect message that is shown when someone joins with a blacklisted version
  blacklisted-protocol:
    - <header>
    - <red>You are using a version that is not allowed on our server.
    - <gold>Need help logging in? <gray><support-url>
    - <footer>
  # Disconnect message that is shown when someone verifies successfully
  success:
    - <header>
    - <green>You have successfully passed the verification.
    - <white>You are now able to play on the server when you reconnect.
  # Disconnect message that is shown when someone fails verification
  failed:
    - <header>
    - <red>You have failed the bot verification.
    - <gray>Please wait a few seconds before trying to verify again.
    - <gold>Need help logging in? <gray><support-url>
    - <footer>
 # Translations for Sonar's actionbar verbose messages
 verbose:
  layout:
    # Layout for Sonar's actionbar verbose
    normal: <prefix><gray>CPS <white><connections-per-second> <dark_aqua>╺ <gray>Logins/s
      <white><logins-per-second> <dark_aqua>╺ <gray>Verifying <white><verifying> <dark_aqua>|
      <green>⬆ <white><outgoing-traffic>/s <red>⬇ <white><incoming-traffic>/s  <green><bold><animation>
    # Layout for Sonar's actionbar verbose during an attack
    attack: <prefix><gray>CPS <white><connections-per-second> <dark_aqua>╺ <gray>Logins/s
      <white><logins-per-second> <dark_aqua>╺ <gray>Queue <white><queued> <dark_aqua>╺
      <gray>Verifying <white><verifying> <dark_aqua>╺ <gray>Duration <white><attack-duration>
      <dark_aqua>| <green>⬆ <white><outgoing-traffic>/s <red>⬇ <white><incoming-traffic>/s  <green><bold><animation>
  # Animation for the action bar
  # Alternatives:
  # - ▙, ▛, ▜, ▟
  # - ⬈, ⬊, ⬋, ⬉
  animation:
    - ◜
    - ◝
    - ◞
    - ◟
 # Translations for Sonar's attack notification messages
 notifications:
  # Layout for Sonar's attack notification title
  title: <yellow><b>Sonar<reset>
  # Layout for Sonar's attack notification subtitle
  subtitle: <gray>A bot attack has been detected
  # Layout for Sonar's attack notification in chat
  chat:
    - ''
    - <yellow><b>Sonar<reset>
    - ''
    - <gray>A bot attack has been detected.
    - ' <dark_aqua>▪ <gray>Logins per second: <white><logins-per-second>'
    - ' <dark_aqua>▪ <gray>Verifying players: <white><verifying>'
    - ' <dark_aqua>▪ <gray>Queued players: <white><queued>'
    - ''
    - <gray>View more information using <white><click:run_command:'/sonar verbose'><hover:show_text:'(Click
      to run)'>/sonar verbose</hover></click><gray> or <white><click:run_command:'/sonar
      stats'><hover:show_text:'(Click to run)'>/sonar stats</hover></click><gray>.
    - ''
--- a/src/plugins/sonar/webhook.yml
+++ b/src/plugins/sonar/webhook.yml
@ -0,0 +1,60 @@
 #
 #   /$$$$$$
 #  /$$__  $$
 # | $$  \__/  /$$$$$$  /$$$$$$$   /$$$$$$   /$$$$$$
 # |  $$$$$$  /$$__  $$| $$__  $$ |____  $$ /$$__  $$
 #  \____  $$| $$  \ $$| $$  \ $$  /$$$$$$$| $$  \__/
 #  /$$  \ $$| $$  | $$| $$  | $$ /$$__  $$| $$
 # |  $$$$$$/|  $$$$$$/| $$  | $$|  $$$$$$$| $$
 #  \______/  \______/ |__/  |__/ \_______/|__/
 #
 # Need help or have questions? https://jonesdev.xyz/discord
 # Source code: https://github.com/jonesdevelopment/sonar
 # Copyright Jones Development and Sonar Contributors, licensed under GPL-3.0
 #
 # Bot attack notifications can also be sent to your Discord server using webhooks
 webhook:
  # URL of the Discord webhook (Set this to '' to disable webhooks)
  url: ''
  # Username of the Discord webhook sender
  username: Sonar
  # URL to the avatar of the Discord webhook sender (Set this to '' to disable)
  avatar-url: ''
  # Content of the Discord webhook message (Set this to '' to disable)
  # You can use this to e.g. ping staff members using <@userId>
  # If you want to ping roles, you will need to use <@&roleId>
  content: ''
  # Embed Discord webhook message that is sent when an attack has stopped
  embed:
    # Small footer message of the Discord webhook embed
    footer:
      # Content of the footer message of the Discord webhook embed
      text: © Jones Development and Sonar Contributors
      # URL of the footer message icon of the Discord webhook embed
      icon-url: ''
    # Title of the Discord webhook embed
    title: ':white_check_mark: Attack mitigated'
    # Clickable URL of the title of the Discord webhook embed
    title-url: ''
    # Description (content) of the Discord webhook embed
    description:
      - The attack on your server has been mitigated.
      - ''
      - 'Attack start: <t:<start-timestamp>:T>'
      - 'Attack end: <t:<end-timestamp>:T>'
      - 'Attack duration: <attack-duration>'
      - ''
      - 'Peak process CPU usage during the attack: <peak-cpu>%'
      - 'Peak process memory usage during the attack: <peak-memory>'
      - 'Peak bots per second during the attack: <peak-bps>'
      - ''
      - 'Blacklisted IP addresses during the attack: <total-blacklisted>'
      - 'Failed verifications during the attack: <total-failed>'
      - 'Successful verifications during the attack: <total-success>'
    # RGB colors of the Discord webhook embed
    # Color picker: https://www.rapidtables.com/web/color/RGB_Color.html
    color:
      red: 0
      green: 255
      blue: 0