Locked Mod Commands
Many servers install auto-moderation bots that will kick and ban many of the spammers and scammers from your server, but as a moderator it's your job to clean up the ones that fall through the cracks. In many servers, this is setup by giving mods Kick Members
and/or Ban Members
permissions or by giving mods access to bot moderation commands. If an admin or mod is compromised, one of the first things a hacker will do is kick or ban any other power user that they can!
Access to kick/ban moderation commands through a moderation bot can pose additional risks to a server. If the bot has a higher role than other admins or mods (they often do), it can be used by a malicious actor to kick/ban other users at or above your current role unless the bot has designed safeguards against kicking mods. On the other hand, if the bot has built-in safeguards against kicking mods, mods will be unable to kick a hacker that has compromised a mod account.
To address this dilemma and further secure your server, Good Knight offers password protected moderation commands. The /kick
and /ban
commands are available to Good Knight mods but password protection means that these commands cannot be used if their account is compromised. Because mods are assumed to be trusted, the /kick
and /ban
commands are usable on any role that is below Good Knight. This gives a mod power to kick out hackers even if they compromise an account with a higher role.
Setup
Eliminate
Kick Members
andBan Members
permissions from all users and channels (any user withAdministrator
permissions can still moderate users)Remove access to bot commands that can be executed to kick/ban users. Leave any auto-moderation settings active. Individual commands can be turned off by going to
Integrations -> Manage Bot
Give any user that needs kick/ban powers the permissions to use Good Knight with the
/permissions
command
Last updated