Detect and fight the exploitation of various flaws/bugs in Minecraft!

Features Permissions Commands Configuration Jenkins


NoCheatPlus attempts to prevent cheat clients from exploiting weaknesses of Minecraft or its protocol, making your server more safe. Checks cover a wide range of issues including flying and speeding, fighting hacks, fast block breaking and nukers, inventory hacks, chat spam and other types of malicious behaviour. For a more complete list have a look at the Features Page.

NoCheatPlus puts emphasis on configurability and allows you to customize actions that are carried out when a player fails a check (e.g. silent cancelling, executing commands, just logging). Bypass permissions allow to control what check to apply for which players, all checks can be deactivated in the configuration, also having the option for world-specific configuration files. Many checks allow more detailed configuration to adjust sensitivity.

Certainly NoCheatPlus is not a magical bullet, it uses a lot of heuristics and even guessing, so you will encounter false positives here and there and also not catch every single violation. Example video of how NoCheatPlus blocks cheats (outdated plugin version).

NoCheatPlus was introduced by NeatMonster, building on the code base of NoCheat by Evenprime.

The following plugins might be useful to have a look at.

CompatNoCheatPlus (cncp)

Make plugins like mcMMO, Citizens, MagicSpells or MachinaCraft more compatbile with NoCheatPlus. Not all existing plugins are covered (yet), but you can leave a note or ticket request for cncp.


Orebfuscator fights all sorts of X-ray-hacks by altering the map information that is sent to the players, such that they have to mine blocks to actually reveal what is behind. Virtually a "must have".

Downloads and History of Changes

  • Download officially approved versions on the Files page at BukkitDev.
  • Development builds have been moved over to the Jenkins at EcoCityCraft.
  • Do not download from any other source, do not use jars other people send you.
  • Changes by build number can be examined in the Jenkins changes list.
  • All commits can be seen in the GitHub commit history.
  • Plugin statistics are no longer reported to


Documentation Resources

Contact us

  • Quick questions can be asked on this page,
    or on IRC (Server: | Default-Port: 6667 | SSL-Port: 6697 | Channel: #nocheat | Web client: WebIRC)
  • For real issues or feature requests please create a new ticket or add to an existing ticket.
  • To send information that is not to be seen by all, you can also reach us by PM to @asofold and @MyPictures. Please do not contact the user 'NoCheatPlus', it is for administrative purposes only and will likely not be answered in time. Keep to BukkitDev and GitHub for support, do not trust users on other forums or websites, also not if their nick names are the same as NCP staff on BukkitDev.

Please always state the output of the "ncp version" command to let us know versions in use (users of cncp also the "cncp" command).

You must login to post a comment. Don't have an account? Register to get one!

  • Avatar of MyPictures MyPictures Aug 15, 2014 at 20:23 UTC - 0 likes

    @chrisbadaoui99: Go

    As long as the issue is related to NoCheatPlus we will provide official and free support to everyone, because it could after all enhance the quality of NC+ which we strongly aim for. For other issue you should consult the bukkit forums (or other ones because Bukkit Forums don't support offline mode) or contact that plugin author directly.
    One note : Because of 3.7 Offline mode submission, we can sadly not help out with issues that are crucial for offline mode servers only.

    @TheKnight787: Go

    Yea. We have to allow some freedom since velocity is client sided. There is already a ticket open for it if you want to keep track of our progress on it:

    @niknea: Go

    Yes we provide a exemption API for such cases. The docs are here:
    and a good example can be found here:


  • Avatar of niknea niknea Aug 15, 2014 at 19:20 UTC - 0 likes


    I'm curretenley working on a plugin, that requires bypassing NCP for 3 - 5 seconds. How would I go along with this? Do you have an API with a method for it or anything like that?

    Thanks, Niknea.


  • Avatar of TheKnight787 TheKnight787 Aug 15, 2014 at 18:46 UTC - 0 likes

    When a player gets hits while in a corner, he can bypass fly. He gets teleported back but after each time he can fly higher before getting back to the previous location.

  • Avatar of chrisbadaoui99 chrisbadaoui99 Aug 15, 2014 at 11:27 UTC - 0 likes

    Hi There,

    I currently run a minecraft server that has over 2k players and currently are the biggest cracked server in the world. I am having some issues with my server and as the authors of this plugin have done an amazing job i was wondering if maybe i can get some help with issues im having. Yes i am willing to pay as i am very desperate in getting these issues fixed. My skype name is chrisbadaoui2000 if you would like to skype me or my email is [email protected]

    Thank you so much for your time and i hope i am able to get in contact with you! Thanks So Much, Cheers.


  • Avatar of asofold asofold Aug 14, 2014 at 22:51 UTC - 0 likes

    @sexyrussian: Go

    The config looks ok - i think you are seeing 11000 in the "ncp info" output, however that is the sum of all indivdual violation levels added during play. it can not compared to the violaton level used in the actions, that latter one is also shown in the alert messages.

    This discrepancy might lead to us changing th violation history, but currently the most interesting part of the violation history should be the n value, i.e. the number of violations.

    Not sure this is the problem - to find a good value for banning (though we don't recommend banning), you'd best compare what values are reached with ingame (or file/console) alerts.


    Latest release (1.7.2-1.7.10, approved) NoCheatPlus 3.11.1-RC-sMD5NET-b743
    (Development builds, 1.8: Jenkins)

  • Avatar of sexyrussian sexyrussian Aug 14, 2014 at 14:56 UTC - 0 likes

    @asofold: Go

    Just to clear up any formation questions you might have, here is a full config paste. Thanks for your help.

  • Avatar of sexyrussian sexyrussian Aug 14, 2014 at 14:53 UTC - 0 likes

    So I changed it to this.

    <<codeimprobable: active: true level: 300 actions: cancel log:improbable:2:8:if vl>5000 cancel log:improbable:2:8:if cmd:ban>>

    There was someone hacking last night, they had 11,000 improbs, and were not banned. What's wrong with the above configuration?

    Last edited Aug 14, 2014 by sexyrussian
  • Avatar of asofold asofold Aug 14, 2014 at 07:55 UTC - 0 likes

    @sexyrussian: Go

    Your actions show the entry "cmd:ban", so it will execture the "ban" entry in the strings section:

      # ...
      ban: ...

    If you want to use your "essentialsban" definition you need to put cmd:essentialsban in the actions list and the "essentialsban" entry into the strings section:

      # ...
        # ...
          # ...
          actions: cancel log:improbable:2:8:if vl>5000 cancel log:improbable:2:8:if cmd:essentialsban
      # ...
      essentialsban: ban [player] Hacking detected -autoban

    Not sure you aleady have put it so, the YAML fragment you posted doesnot seem to be complete in terms of showing the sections of the configuration.

  • Avatar of MyPictures MyPictures Aug 14, 2014 at 00:16 UTC - 0 likes

    @sexyrussian: Go

    You can simply put the eban command with variables in the string section, that should do the trick. Essentials might put in the bans in the bukkit ban list json for compatibility also.

    Just asked Hobbits and he confirmed:
    <@Hobbits|away> MyPictures: yes, although depending on your version, the reason might not be populated
    <@Hobbits|away> devbuilds populate the reason, stables dont

    Last edited Aug 14, 2014 by MyPictures
  • Avatar of sexyrussian sexyrussian Aug 13, 2014 at 23:40 UTC - 0 likes

    @asofold Hello, I don't actually use 'ncp ban'. What I use is this.

          active: true
          level: 300
          actions: cancel log:improbable:2:8:if vl>5000 cancel log:improbable:2:8:if cmd:ban

    And it makes people get banned via bukkit.

    So generally, you suggested for me to use a custom command?


          active: true
          level: 300
          actions: cancel log:improbable:2:8:if vl>5000 cancel log:improbable:2:8:if cmd:essentialsban
      essentialsban: ban [player] Hacking detected -autoban

    Anyway i learned more information that you should know. A player was '/tempban'-ed on the server, and he got onto the bukkit banned-players.json because of it. Another player has been banned, and they actually have the appropriate ban message, the custom ban message "Hacking detected -autoban" in their essentials /who. This means everyone in banned-players.json has been banned by essentials and by bukkit. Anyway to use essentials only? or to disable bukkit bans?


Date created
Apr 02, 2012
Last update
Sep 21, 2014
Development stage
GNU General Public License version 3 (GPLv3)
Curse link
Recent files