We should have ban and kick cooldowns.
Last person to post this was 2 years ago and didnt have any point.
Many servers including mine have gotten one of their admin/moderator accounts hacked (someone else has their login info or token) and the attacker is able to mass ban an entire server. This is done with no bots but discord's own kick/ban system. Most servers use a bot anyways with all bans, mutes or kicks done over a bot command.
Discord bans currently all work the same way, you click the ban button and the user is gone. This allows self bots take servers in seconds. By adding ban cooldowns or even disabling the discord ban button, servers can use a bot of choice to make the bans with their own prefix. This will make all servers unique so mass bans are harder to pull off.
This won't affect any raids as you can still use the bot command to ban users.
-
I get where you're coming from, but I think it is kind of unrealistic for Discord to say that every server needs to use a bot to ban people (at least in the situation of there being a raid.)
I think an easier solution would just be to turn off the ability to band members for every single role.
Also, what would be stopping the hacker from using the bot to ban everyone?
1 -
This would be an opt-in feature, so you are not required to get bots.
This would help because right now all mass ban attacks use a hacked admin or mod account and automatically click the ban button for everyone. If this feature gets in, then the attack either won't work or will take a lot longer.
It also helps in the case someone wants to use a bot to mass ban. You can change the prefix of a bot (for example dyno) from ?ban to #ban or something like that. This would make it harder for someone to have any type of universal mass ban script.
0 -
You could use some bots with anti nuke or turn on 2fa for all mods
0 -
we were using 2fa and anti nuke bots... once a token gets leaked you're cooked
0
Please sign in to leave a comment.
Comments
4 comments