Anti-Nuke

Defends against a compromised admin (or compromised bot) destroying your server. Detects rapid destructive actions and either auto-strips the actor's roles or quarantines them, with optional auto-revert of their changes.

What it watches

Per-actor rate limits on:

  • Channel deletes
  • Channel creates
  • Role deletes
  • Role creates
  • Role permission changes
  • Member ban bursts
  • Member kick bursts
  • Webhook creates
  • Webhook deletes

Each one has its own count + window (e.g. 3 channel-deletes in 30 seconds).

Settings

| Setting | What it does |
| --- | --- |
| Enabled | Master switch. |
| Whitelisted user IDs | These users bypass every check. Reserve for trusted automation. |
| Whitelisted role IDs | Anyone with one of these roles bypasses every check. |
| Punishment | What to do when an actor trips a limit. strip_roles / quarantine / ban / kick. |
| Auto-revert | Try to undo their destructive changes — recreate the deleted channel, restore the role, unban the user. |
| Limits | Per-action-class count + window. Defaults: 3 channel-deletes / 30s, 5 channel-creates / 30s, etc. |
| Alert channel | Posts a detailed incident embed when the system fires. |
| Alert on dangerous perm grant | Separate single-event watcher — alerts when any single role grant adds Administrator / ManageGuild / ManageRoles, even if there's no rate-limit trip. Observation-only; never auto-acts. |

Default limits

channel_delete   : 3 in 30s
channel_create   : 5 in 30s
role_delete      : 3 in 30s
role_create      : 5 in 30s
role_perm_change : 3 in 30s
ban_burst        : 5 in 30s
kick_burst       : 5 in 30s
webhook_create   : 3 in 30s
webhook_delete   : 3 in 30s

These err on the strict side — a normal admin doing normal admin work won't trip them.

Tips

  • Whitelist your trusted bots. Build bots, ticket bots, etc. that legitimately rate-create channels need to be on the whitelist or they'll trip every time they do their job.
  • strip_roles is the safest punishment. It removes the attacker's ability to keep doing damage without permanently losing them. They can be re-roled by another admin once the situation is sorted.
  • Auto-revert is best-effort. It recreates the deleted channel/role with the same name + permissions; webhook attachments and message history can't be recovered.
  • alert_on_dangerous_perm is a free safety net. It costs nothing to leave on and alerts you the moment someone elevates a role to Administrator — the most common precursor to a server nuke.

Cross-Server Sync

Syncable settings (when Cross-Server Sync → security sync is on):

  • Enabled toggle
  • Punishment
  • Rate limits
  • Auto-revert
  • Alert on dangerous permission grant

The whitelisted users, whitelisted roles, and alert channel stay local per server — sharing those would silently grant another server's whitelisted user immunity on yours.

Permissions

  • security.view — see incidents + tunables
  • security.edit — change settings, revert incidents

Behaviour

  • A single dangerous-permission grant (e.g. role X is given Administrator) fires the alert even outside of a burst.
  • Each rate limit is tracked per-actor, per-action-type, on a rolling window.
  • An incident is a record of one actor exceeding one limit. The dashboard lists incidents with a one-click revert.
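
One way to implement the per-actor, per-action-type rolling window and the single-event permission watcher described above, as an added example (not Phantom's own code). The class and function names, the event tuple layout, and the choices to trip on the count-th event, reset after an incident, and let the whitelist bypass the alert watcher are assumptions.

```python
from collections import defaultdict, deque

# Page defaults: action class -> (count, window in seconds)
LIMITS = {
    "channel_delete": (3, 30), "channel_create": (5, 30),
    "role_delete": (3, 30), "role_create": (5, 30),
    "role_perm_change": (3, 30), "ban_burst": (5, 30),
    "kick_burst": (5, 30), "webhook_create": (3, 30),
    "webhook_delete": (3, 30),
}
DANGEROUS_PERMS = {"Administrator", "ManageGuild", "ManageRoles"}


class AntiNukeMonitor:
    """Hypothetical detector; class and method names are not Phantom's."""

    def __init__(self, whitelist_users=(), whitelist_roles=(), limits=LIMITS):
        self.whitelist_users = set(whitelist_users)
        self.whitelist_roles = set(whitelist_roles)
        self.limits = limits
        self.events = defaultdict(deque)  # (actor, action) -> timestamps

    def record(self, actor_id, actor_roles, action, ts, perms_added=()):
        """Process one audit event; return a list of findings."""
        # Whitelisted users/roles bypass every check (assumed to include alerts).
        if actor_id in self.whitelist_users or self.whitelist_roles & set(actor_roles):
            return []
        findings = []
        # Single-event watcher: alert only, independent of any rate limit.
        granted = DANGEROUS_PERMS & set(perms_added)
        if granted:
            findings.append(("alert", actor_id, sorted(granted)))
        count, window = self.limits[action]
        q = self.events[(actor_id, action)]
        q.append(ts)
        while q and q[0] <= ts - window:  # drop events outside the rolling window
            q.popleft()
        if len(q) >= count:  # assumption: the count-th event in the window trips
            findings.append(("incident", actor_id, action))
            q.clear()  # assumption: one incident per burst, then start over
        return findings


def replay(monitor, events):
    """Feed (actor, roles, action, ts[, perms_added]) tuples; collect findings."""
    out = []
    for ev in events:
        out.extend(monitor.record(*ev))
    return out
```

Replaying a constructed audit trail through `replay` shows why a build bot that legitimately creates channels in bursts has to be whitelisted: without the bypass it produces an incident on its fifth create inside 30 seconds.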

Phantom is a product of Hydra Labs. The bot is run as a managed service; you do not need to host it yourself.