Antibot

The antibot that fights before your server knows

Join floods, ping spam, name-spoofed bots — all filtered at the edge PoP, at the protocol level, before a single connection slot on your hardware is spent.

Anatomy of a Minecraft bot attack

A modern bot attack isn't crude packet spam — it's thousands of clients speaking flawless Minecraft protocol: valid handshakes, rotating usernames, plausible protocol versions, distributed across residential proxies and cheap datacenter ranges. Server-side antibot plugins fight them after your hardware has already accepted the connection. That's the wrong side of the wire.

The Arvoris antibot pipeline

Every connection crosses these layers at the edge, in order, before it can touch your backend:

Calm by default, ruthless under attack

The pipeline is deliberately asymmetric. On a quiet Tuesday, a new player connects, passes a few wire-speed checks, and lands on your server with their real IP delivered via PROXY protocol — no captcha, no delay, nothing to notice. During an attack, auto-UAM flips the same pipeline into strict mode: every join earns its way through the gauntlet, pings are served from edge cache, and your console stays silent while the panel shows you the flood in real time.

This is the same engine that backs our full DDoS mitigation stack — antibot isn't an add-on, it's the Layer-7 half of the same system, running at all seven PoPs.

What each plan gets

Antibot questions

Why is a network-level antibot better than a plugin?+

A plugin fights bots after they've already consumed a connection slot, a thread and a login event on your hardware — during a 50,000-join flood, the fight is lost before it starts. Arvoris drops bots at the edge PoP, so your server never allocates anything for them.

Will my real players get captchas all the time?+

No. Verification only engages for connections the risk engine flags — new IPs during an attack, datacenter ranges, protocol anomalies. When your network is calm, players connect straight through. Under attack, most legitimate players still pass without ever seeing the gauntlet.

Does it work with cracked/offline-mode servers?+

Yes — the filtering happens at the protocol layer before authentication, so online-mode and offline-mode networks get the same protection. Offline networks benefit the most, since they can't lean on Mojang auth to weed out fakes.

What happens during a really big bot attack?+

Auto-UAM (Under Attack Mode) engages: rate limits tighten, every new join is routed through CryoLimbo verification, and pings are answered from edge cache. Your existing players keep playing; you get a Discord alert with live CPS and peak metrics.

Put it in front of your server free — the whole pipeline, up to 15 players, no card.

Your next attack is already scheduled.
Be behind the edge when it lands.

We take care of security so you can branch out. Free plan, no card, one DNS record — if it doesn't hold, you lost five minutes.