OpGuard is a plugin that protects servers against op exploits & malicious plugins by maintaining a list of verified operators and overriding the default implementation of /op and /deop with its own command: /opguard.

OpGuard offers the ability to restrict access to /op (/opguard op) with a password, useful for keeping untrustworthy staff from setting op. It's also helpful in the event a malicious user somehow gains op or when a staff member has their account broken into; users who don't know the password won't be able to op other users when OpGuard is installed.

When compared to other "Anti-Forceop" plugins, OpGuard is the most feature-packed, configurable, and secure of all.

Releases are compiled with Java 8.
If your server isn't running Java 8, OpGuard won't work.​


Require a password to op and deop players.

Passwords limit who can set op.

Remember: don't ever tell untrustworthy people the password!​

Deny access to /op and /deop.

OpGuard denies all attempts at using /op and /deop, whether from players or console.

All op-related commands must be done through /opguard.

Players who don't have permission to use /op and /deop will see an "unknown command" error when they attempt to use either command.​

Punish players that attempt to gain op.

Configure multiple punishment commands.

Hidden from /help, /?, and tab-completion.

If /plugins is disabled, players won't ever know this plugin is installed.

/opguard will display an "unknown command" message for players who don't have permission.​

Extensive logging.

OpGuard keeps a log file for everything that happens with the plugin.

Logged items can be modified in the config.​


Command: /opguard

Alias: /og


/opguard op <player> <password (if set)>
Sets op for a player.
If OpGuard's password is set, it must be included.
/opguard deop <player> <password (if set)>
Removes op from a player.
If OpGuard's password is set, it must be included.
/opguard list
List all verified operators.
/opguard password <new password>
Set OpGuard's password.
This will only work if OpGuard has no password set.
/opguard reset <current password>
Removes OpGuard's password.
The current password must be correct to remove.
/opguard reload <password (if set)>
Reload OpGuard's config.
If OpGuard's password is set, it must be included.​


  • opguard.warn
    • Receives notifications and warnings from OpGuard
    • Players with op have both permissions by default.
  • The /opguard command is only accessible by verified operators and console.



OpGuard will check for updates (via Spiget) unless disabled in the config (set check-for-updates to false).

OpGuard submits anonymous metrics data to http://mcstats.org unless disabled in the config (set metrics to false).

Collected data is nonintrusive and includes the following:

  • Server version
  • Number of players online
  • Java version
  • Geographic location (country) of the server
  • Plugin version
  • Online mode status of the server



  • To post a comment, please or register a new account.
Posts Quoted:
Clear All Quotes

About This Project



Recent Files