Locked Mod Commands

Many servers install auto-moderation bots that will kick and ban many of the spammers and scammers from your server, but as a moderator it's your job to clean up the ones that fall through the cracks. In many servers, this is set up by giving mods Kick Members and/or Ban Members permissions or by giving mods access to bot moderation commands. If an admin or mod is compromised, one of the first things a hacker will do is kick or ban any other power user that they can!

Access to kick/ban moderation commands through a moderation bot can pose additional risks to a server. If the bot has a higher role than other admins or mods (it often does), it can be used by a malicious actor to kick/ban other users at or above their own role unless the bot has built-in safeguards against kicking mods. On the other hand, if the bot has built-in safeguards against kicking mods, mods will be unable to kick a hacker that has compromised a mod account.

To address this dilemma and further secure your server, Good Knight offers password-protected moderation commands. The /kick and /ban commands are available to Good Knight mods, but password protection means that these commands cannot be used if a mod's account is compromised. Because mods are assumed to be trusted, the /kick and /ban commands are usable on any role that is below Good Knight. This gives a mod the power to kick out hackers even if they compromise an account with a higher role.

Setup

  • Eliminate Kick Members and Ban Members permissions from all users and channels (any user with Administrator permissions can still moderate users)

  • Remove access to bot commands that can be executed to kick/ban users. Leave any auto-moderation settings active. Individual commands can be turned off by going to Integrations -> Manage Bot

  • Give any user that needs kick/ban powers the permissions to use Good Knight with the /permissions command
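A way to check the first setup step, as an added example that is not Good Knight's own code: it reads a list shaped like Discord API role objects and reports which roles still hold Kick Members or Ban Members, which hold Administrator, and which sit at or above the bot's role and so are out of reach of /kick and /ban. The sample roles are constructed, and it assumes the bot's role is named "Good Knight".

```python
# Discord permission bit flags (positions in the API permission bitfield).
KICK_MEMBERS = 1 << 1
BAN_MEMBERS = 1 << 2
ADMINISTRATOR = 1 << 3
VIEW_CHANNEL = 1 << 10


def audit_roles(roles, bot_role_name="Good Knight"):
    """Classify roles shaped like Discord API role objects.

    strip       - roles that explicitly hold Kick/Ban Members (setup step 1)
    admin       - roles with Administrator, which can still moderate users
    unreachable - roles at or above the bot's role, which it cannot act on
    """
    # Assumption: the bot's role carries the bot's name.
    bot = next((r for r in roles if r["name"] == bot_role_name), None)
    if bot is None:
        raise ValueError(f"role {bot_role_name!r} not found")
    report = {"strip": [], "admin": [], "unreachable": []}
    for role in sorted(roles, key=lambda r: r["position"], reverse=True):
        if role is bot:
            continue  # the bot itself needs kick/ban to do its job
        perms = int(role["permissions"])  # the API sends the bitfield as a string
        if perms & ADMINISTRATOR:
            report["admin"].append(role["name"])
        elif perms & (KICK_MEMBERS | BAN_MEMBERS):
            report["strip"].append(role["name"])
        if role["position"] >= bot["position"]:
            report["unreachable"].append(role["name"])
    return report


# Constructed sample data, not taken from a real server.
SAMPLE_ROLES = [
    {"name": "@everyone", "position": 0, "permissions": str(VIEW_CHANNEL)},
    {"name": "Helper", "position": 1, "permissions": str(VIEW_CHANNEL | KICK_MEMBERS)},
    {"name": "Moderator", "position": 2,
     "permissions": str(VIEW_CHANNEL | KICK_MEMBERS | BAN_MEMBERS)},
    {"name": "Good Knight", "position": 3, "permissions": str(KICK_MEMBERS | BAN_MEMBERS)},
    {"name": "Owner", "position": 4, "permissions": str(ADMINISTRATOR)},
]

if __name__ == "__main__":
    for key, names in audit_roles(SAMPLE_ROLES).items():
        print(f"{key}: {', '.join(names) or 'none'}")
```

An empty `strip` list means no role other than the bot's still grants kick/ban directly; anything in `unreachable` is a reason to move the bot's role higher in the role list.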
