We hear about it all the time. Servers being nuked or raided, losing all their members, channels, roles & memories. This tends to happen quite a lot on Discord, but how can we prevent it?
Roles
First off, we should never give staff any permissions they don’t need. Staff accounts sometimes get compromised, or in rare cases staff themselves end up being the ones doing the raiding. To avoid this, NEVER grant staff the “administrator” permission. This bypasses everything and gives staff all permissions. Manage server is also risky, as it allows adding bots of any kind, and manage webhooks allows staff to add webhooks that can act as bots and ping everyone in your server. The kick permission allows staff to prune, so it would be best to disable this for all roles and keep it only for trusted bots such as Dyno, so staff can kick through them. To be extra careful, you can remove ban permissions too and only allow staff to ban through a bot as well.
Staff accounts get compromised quite often, as there are many “hackers” out there that hijack accounts.
2FA
Making 2FA mandatory for your staff is a great way to prevent raids. It makes it difficult for staff to get their accounts hacked, and while the mandatory 2FA setting is on in your server, staff who have not enabled 2FA cannot use their moderation powers.
Wick Bot
The Wick bot is probably the most notable anti-raid bot, with a variety of features. It is a powerful bot that can stop almost any form of raiding, and it is a must-have for servers that are serious about staying safe from raids/nukes. This bot can take some time to set up, but once it is fully set up and functioning it will make your server almost unraidable, even by your own staff. It can be added here: https://top.gg/bot/536991182035746816
Educating yourself and your staff
There are many tricks out there that can result in losing one’s account, even if you have 2FA enabled. For example, there is the QR scan trick, which usually involves someone direct messaging your staff, saying they have a Nitro code they can’t redeem, and tricking your staff into scanning a QR code, which lets that person into their account (even with 2FA enabled!). There are also files/links that people send to infect others with viruses to hijack their accounts. Keep your staff safe from hacking, don’t click any fishy links yourself, and remember: if something seems too good to be true, it probably is. Make sure your staff are constantly aware of the dangers their accounts are in, as staff accounts are targeted by raiders.
Bots
Bots can actually be fairly dangerous to your server, especially bots requested by randoms in your server. You should only be adding reputable bots from sites like top.gg that are Discord verified. Adding any bots with permissions from strangers can be devastating to your server, as the bot owners can control these bots. Make sure your bots don’t have any permissions they don’t need, for example a music bot doesn’t need ban perms and a giveaway bot doesn’t need administrator perms.
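To check the advice from the Roles and Bots sections against a real server, here is an added example (not part of the original post) that audits a list of roles for the risky permissions named above. It assumes the roles are available as JSON in the shape the Discord API returns for a guild's roles, with the permission bitfield as a string; the function name `audit_roles` and all sample roles, IDs and bitfields are made up for illustration.

```python
import json

# Discord permission bit flags for the permissions this article calls risky.
RISKY = {
    "ADMINISTRATOR": 1 << 3,     # bypasses every other permission check
    "MANAGE_GUILD": 1 << 5,      # "Manage Server": allows adding bots
    "MANAGE_WEBHOOKS": 1 << 29,  # webhooks can post and ping like bots
    "KICK_MEMBERS": 1 << 1,      # also allows pruning members
    "BAN_MEMBERS": 1 << 2,
}
# Permissions the article leaves with a trusted moderation bot only.
BOT_ONLY = {"KICK_MEMBERS", "BAN_MEMBERS"}


def audit_roles(roles, trusted_bot_role_ids=()):
    """Return {role name: [risky permissions]} for every role needing review."""
    findings = {}
    for role in roles:
        bits = int(role["permissions"])  # the API sends the bitfield as a string
        held = [name for name, bit in RISKY.items() if bits & bit]
        if role["id"] in trusted_bot_role_ids:
            # Kick/ban are expected on a trusted bot; anything else is still flagged.
            held = [name for name in held if name not in BOT_ONLY]
        if held:
            findings[role["name"]] = held
    return findings


# Constructed sample data: names, IDs and bitfields are made up for illustration.
SAMPLE_ROLES = json.loads("""[
  {"id": "1", "name": "@everyone",    "permissions": "1024"},
  {"id": "2", "name": "Moderator",    "permissions": "8198"},
  {"id": "3", "name": "Dyno",         "permissions": "8198"},
  {"id": "4", "name": "Music Bot",    "permissions": "3145732"},
  {"id": "5", "name": "Giveaway Bot", "permissions": "8"},
  {"id": "6", "name": "Head Mod",     "permissions": "536870944"}
]""")

if __name__ == "__main__":
    for name, perms in audit_roles(SAMPLE_ROLES, trusted_bot_role_ids={"3"}).items():
        print(f"{name}: {', '.join(perms)}")
```

Every role it reports is one to strip down; the trusted bot's role passes only while it holds nothing beyond kick and ban.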
That’s pretty much all you need to make your server raid-free. You will sometimes get troll spam raids, but those are mostly unpreventable. If you follow all these steps carefully, your server should be nuke-free and safe from harm!
If you have any questions, feel free to visit my server at discord.gg/hot