How to Protect your Discord Server from Hacking, Spam, and Raids
Discord has surged in popularity in recent years. Once dominated mainly by gamers and other fun groups, and more than a few educational groups, now home to thousands of NFT and crypto enthusiasts who love being part of an exclusive group and engaging with a community.
That surge in usage and popularity has also attracted some unwanted attention, drawn in by the sweet smell of NFT enthusiasts with money to spend.
As a server owner, you want to keep your community safe from malicious actors and hackers, while also keeping your server secure from raids, nukes, and worst of all, trolls.
Here are the four things you should do to protect your discord server.
Moderator Settings
First things first, before delving into the nitty-gritty of discord security, let’s get the basics out of the way. Upon creation of your discord server, head straight to Server Settings and select Moderation, and adjust your verification level settings.
These settings allow you to control who can send messages to your server and give requirements for joining, and there are five levels;
- None: Anyone can come in and start messaging. Not the safest option if you want to protect your discord server from the most basic threats.
- Low: Must have a verified email on their discord account. The most basic requirements to filter out spammers.
- Medium: The most commonly used, the joiner must be registered on Discord for more than 5 minutes.
- High: The joiner must also be a member of the server for more than ten minutes before posting any messages, a good way to stall raiders.
- Highest: Must have a verified phone number on their Discord account. Not many people include their phone number in their Discord accounts, and so many server mods don’t bother with this level of security. It is, however, the most sure-fire way to ensure that whoever enters your server is, firstly, human, and second, has a phone, and so is not a robot.
Setting requirements for newcomers to your server to check out before they can start posting will filter out most malicious bots, spammers, and hackers before they can do any damage – although it isn’t full proof, which is why you should read on.
Roles and Permissions
Roles are an important part of maintaining a Discord server. Each of the positions comes with a set of permissions that govern what they can and can’t do on the server. You can grant administrative powers to users and bots through roles, such as kicking or banning members, adding or removing channels, and pinging @everyone.
You can find these options by heading to Server Settings and selecting Roles.
Be very careful with who you assign roles. Delegating moderation authority is great for managing your server, but some roles have permissions to make changes that can cause irreversible damage to your server
Carefully assign permissions! Members with certain permissions can make changes to your server and channels. These permissions are a useful tool for moderation but be careful to whom you give this ability. Changes to your server are irreversible.
Enable server-wide two-factor authentication (2FA)
Server-wide two-factor authentication (2FA) forces all moderators and administrators to have 2FA enabled on their accounts.
By requiring your admins and mods to enable 2FA, you help protect your server indirectly by securing their personal accounts. Malicious actors may try to infiltrate them and sue their authority to make changes to your server, and so 2FA is a great way to protect your Discord server.
Just make sure to enable it on your own account as well before turning to your admins and mods.
Turn on the age-restricted content filter
When you use Age-Restricted Content Filtering, photos and files that are deemed indecent or inappropriate are automatically detected and deleted. Then your members can share content such as photographs and embeds while also lowering the danger of age-restricted content being shown in Safe For Work (SFW) channels. You can find the age restriction option in the Server Settings tab under Moderations.
There are three settings for the age-restricted content filter:
- Don’t scan any media content: Media sent to your server that contains age-restricted content will not be automatically deleted by Discord.
- Scan media content from members without a role: Age-restricted content sent by users without roles will be immediately scanned and deleted by Discord. For servers that use roles for trusted individuals, this is the best option.
- Scan media content from all members: Regardless of role, Discord will review and eliminate age-restricted content from all members
Your discord server is your forum, your community center, and your communications hub, and it is not only imperative that you keep it safe for your own sake, but it is an obligation to your members as well. Any project worth its salt should have at least one Discord community manager who is a wizard at managing servers and channels.
Summary
Here is a simple guide on how to protect your discord servers from malicious actors. Every server owner must take great care in keeping their community safe. These are four things you must do to secure your servers.