Detect and fight the exploitation of various flaws/bugs in Minecraft!

Features Permissions Commands Configuration Jenkins


NoCheatPlus attempts to prevent cheat clients from exploiting weaknesses of Minecraft or its protocol, making your server more safe. Checks cover a wide range of issues including flying and speeding, fighting hacks, fast block breaking and nukers, inventory hacks, chat spam and other types of malicious behaviour. For a more complete list have a look at the Features Page.

NoCheatPlus puts emphasis on configurability and allows you to customize actions that are carried out when a player fails a check (e.g. silent cancelling, executing commands, just logging). Bypass permissions allow to control what check to apply for which players, all checks can be deactivated in the configuration, also having the option for world-specific configuration files. Many checks allow more detailed configuration to adjust sensitivity.

Certainly NoCheatPlus is not a magical bullet, it uses a lot of heuristics and even guessing, so you will encounter false positives here and there and also not catch every single violation. Example video of how NoCheatPlus blocks cheats (outdated plugin version).

NoCheatPlus was introduced by NeatMonster, building on the code base of NoCheat by Evenprime.

The following plugins might be useful to have a look at.

CompatNoCheatPlus (cncp)

Make plugins like mcMMO, Citizens, MagicSpells or MachinaCraft more compatbile with NoCheatPlus. Not all existing plugins are covered (yet), but you can leave a note or ticket request for cncp.


Orebfuscator fights all sorts of X-ray-hacks by altering the map information that is sent to the players, such that they have to mine blocks to actually reveal what is behind. Virtually a "must have".

Downloads and History of Changes

  • Download officially approved versions on the Files page at BukkitDev.
  • Development builds have been moved over to the Jenkins at EcoCityCraft.
  • Do not download from any other source, do not use jars other people send you.
  • Changes by build number can be examined in the Jenkins changes list.
  • All commits can be seen in the GitHub commit history.
  • Plugin statistics are no longer reported to


Documentation Resources

Contact us

  • Quick questions can be asked on this page,
    or on IRC (Server: | Default-Port: 6667 | SSL-Port: 6697 | Channel: #nocheat | Web client: WebIRC)
  • For real issues or feature requests please create a new ticket or add to an existing ticket.
  • To send information that is not to be seen by all, you can also reach us by PM to @asofold and @MyPictures. Please do not contact the user 'NoCheatPlus', it is for administrative purposes only and will likely not be answered in time. Keep to BukkitDev and GitHub for support, do not trust users on other forums or websites, also not if their nick names are the same as NCP staff on BukkitDev.

Please always state the output of the "ncp version" command to let us know versions in use (users of cncp also the "cncp" command).

You must login to post a comment. Don't have an account? Register to get one!

  • Avatar of ariefun123 ariefun123 Jul 31, 2015 at 16:16 UTC - 0 likes

    @asofold: Go

    Okay thanks for the info :D

  • Avatar of asofold asofold Jul 31, 2015 at 16:14 UTC - 0 likes

    @ariefun123: Go

    Currently it depends on the server version. The fight.speed check has been rendered inoperable by not-that-recent-anymore changes concerning how events fire, so we will have to replace it by a ProtocolLib-based version for servers since roughly 1.7.10. Above that version we only can process the hits that would count as damage, which usually won't be many more than 2 per second max., thus the need for ProtocolLib, in order to get the unfiltered input from the clients.

    Assuming it was operable at all, we have several limits built in.

    The short-term monitoring is done by fight.speed and is split into "normal" and (very...) "shortterm" limits. Monitoring 2 seconds by default, the default limit is at 15 attack attempts per second, allowing a little burst/congestion with monitoring 2 seconds. To prevent sending all at once, there is the extra "shortterm" limit, limiting to 6 attacks per 7 ticks by default.

    To monitor mid-term attacking frequency, the combined.improbable check gets fed data with each attack attempt, and that should usually result in a slightly lower limit than 15/second, but it is monitoring 30 seconds or so.

    I'm probably not very concise here, but basically we have to add in a replacement for the fight.speed check, until we can actually monitor the attack attempt frequency. Once operable, there are three levels of limits as described above (shortterm, normal and mid-term).

    Last edited Jul 31, 2015 by asofold


    Latest beta release (+ 1.8.3, approved) NoCheatPlus 3.12.0-RC-sASO-b813
    (Development builds, 1.8: Jenkins)

  • Avatar of ariefun123 ariefun123 Jul 31, 2015 at 13:27 UTC - 0 likes

    at how many milliseconds between each hit will nocheatplus recognize that a player is hacking?

  • Avatar of asofold asofold Jul 30, 2015 at 22:32 UTC - 0 likes

    @xXGrammar_NaziXx: Go

    Yes, that'll be interesting. It might also be related to the client-side or the specific routing via the internet in particular, so it needn't be a server side issue.

    Usually we try to detect server-side lag and have NCP be more lenient then, but it can be with lower-grade HW that the meximum leninecy isn't enough.

    Remains to be seen....

  • Avatar of xXGrammar_NaziXx xXGrammar_NaziXx Jul 30, 2015 at 20:19 UTC - 0 likes

    @asofold: Go

    For the network issue, I am not 100% sure. However, we will be upgrading to a VPS with better specs very soon. After we upgrade and the issue is still happening, then I will make a ticket.


  • Avatar of asofold asofold Jul 30, 2015 at 06:28 UTC - 0 likes

    @xXGrammar_NaziXx: Go

    Probably we should take this into a ticket, if it stays an issue, keeping track of the details will be difficult over time.

    • morepackets: This usually happens if the connection or the client are creating congestion somehow, e.g. with eating up all uplink with torrents or map uploads, or certain mobile connection with too few uplink, or just the internet doing something weird. This check can be configured to cover more time, which might cover up for the low-vl issue. Now the check already covers 6 seconds, but there could also be special cases leading to this. You can also allow more packets per second, but that will also allow more speeding.
    • passable: This check is pretty "hard", in terms of creating violations when people move into blocks, that they are not supposed to move into. It still might have false positives. I could not create passable violations on 1.8.8 quick testing , but that doesn't say much.

    Are any speed potions or other involved, do the messages happen often? Any other side conditions? Could consider recording a debug trace (or if crafty enough, set checks.debug to trace all players, only if HD is fast), if we can't nail it down.

  • Avatar of xXGrammar_NaziXx xXGrammar_NaziXx Jul 30, 2015 at 01:06 UTC - 0 likes

    Oh, sorry, here is an image of the whole thing:

    Everyone has been reporting some sort of 'lag'. At first I was confused because I'm getting no lag and I'm on a very unstable 1-2mbps connection. (Yep, even though it's 2015 bla bla bla.) So I just kept on playing saying that I will upgrade the server ASAP and then I started to notice people saying they were lagging after like 4 warnings of them popped up. (All around 10VL) The server has around 5-10 players on constantly during the day (10 as being peak.) and the most has been almost 20 players (The server is growing fast and I'm expecting it to go higher soon.). I asked someone what they were doing and they told me that they were walking and hitting a mob. I can tell that they were not hacking because I was watching and the violation levels are really low and it's saying that they moved like half a block. Ex:

    I added CNCP to see any improvements but I don't really see any. A lot of the errors are either 'failed More Packets: sent too many moves (10 epsaccs). VL 10.' or 'failed Passable: moved into a block (2) from 12847.59, 64.00, -3665.59 to 12747.59, 63.92, -3665.59. Distance 0.08. VL 11.'


    Last edited Jul 30, 2015 by xXGrammar_NaziXx
  • Avatar of asofold asofold Jul 29, 2015 at 23:54 UTC - 0 likes

    @xXGrammar_NaziXx: Go

    In fact the features do tell some things :), just paste the whole thing next time. Not saying those are relevant here, though.

    So players get set back by moving checks - how many players complain (and how many players are playing at all)? Can it be confined to certain actions/situations, like jumping off block edges, the first move, continuous sprinting+jumping, only during fighting, whatever?

    The survivalfly check is much in focus right now, so we will keep changing/fixing.

  • Avatar of xXGrammar_NaziXx xXGrammar_NaziXx Jul 29, 2015 at 17:28 UTC - 0 likes

    @asofold Server:

    git-Spigot-6c9b0a1-de5c621 (MC: 1.8.8) *Just updated to 1.8.8 today* (detected: 1.8.8)


    Plugin: 3.12.1-SNAPSHOT-sMD5NET-b831 MCAccess: 1.8.4-1.8.7 / Spigot-CB-1.8_R3

    • There is features but they seem ill relevant.*

    The only plugins I'd think cause issues would be McMMO but 99% sure it isn't that. A lot of the errors showing up are showing low violations like (VL 10.) etc.

    Last edited Jul 29, 2015 by xXGrammar_NaziXx
  • Avatar of asofold asofold Jul 29, 2015 at 14:58 UTC - 0 likes

    @xXGrammar_NaziXx: Go

    What's the server version (best just paste the output of /ncp version)?

    What other plugins do you use, that could have to do with moving/appearance (disguises, skills, similar)?


Date created
Apr 02, 2012
Last update
Mar 21, 2015
Development stage
GNU General Public License version 3 (GPLv3)
Curse link
Recent files