On-the-fly packet inspection and real-time IP verification for Minecraft servers and networks.
CoralGate acts as a high-performance application firewall for your Minecraft infrastructure. By analyzing incoming packets: malicious payloads, scanners and bots are blocked before they truly reach your server. It secures your network across every layer, from spoofing your MOTD to appear as a "no-namer" server, all the way to checking proper packet order and even checking certain incoming connection fields.
If you wish to get support, test or have any questions about CoralGate, make sure to join our Discord server!
| < 1.8 | 1.8 | 1.8.3 | 1.8.8 | 1.9 | 1.9.1 | 1.9.2 | 1.9.3/4 | 1.10.x | 1.11 | 1.11.x | 1.12 | 1.12.1 | 1.12.2 | 1.13 | 1.13.1 | 1.13.2 | 1.14 | 1.14.1 | 1.14.2 | 1.14.3 | 1.14.4 | 1.15 | 1.15.1 | 1.15.2 | 1.16 | 1.16.1 | 1.16.2 | 1.16.3 | 1.16.4/5 | 1.17 | 1.17.1 | 1.18 | 1.18.1 | 1.18.2 | 1.19 | 1.19.1/2 | 1.19.3 | 1.19.4 | 1.20/.1 | 1.20.2 | 1.20.3/4 | 1.20.5/6 | 1.21/.1 | 1.21.2/3 | 1.21.4 | 1.21.5 | 1.21.6 | 1.21.7/8 | 1.21.9/10 | 1.21.11 | 26.1.x | 26.2 | > 26.2 | |
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| Spigot | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❓ | ||
| Paper | ❌ | ✅ | ❌ | ✅ | ✅ | ❌ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ | ❌ | ✅ | ✅ | ❌ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ✅ | ❓ | |||||
| BungeeCord | ❌ | ❓ | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Velocity | ❌ | ❓ | ||||||||||||||||||||||||||||||||||||||||||||||||||||
| Sponge | ❌ | |||||||||||||||||||||||||||||||||||||||||||||||||||||
| Fabric | ❌ | |||||||||||||||||||||||||||||||||||||||||||||||||||||
| Forge | ❌ | |||||||||||||||||||||||||||||||||||||||||||||||||||||
| NeoForge | ❌ | |||||||||||||||||||||||||||||||||||||||||||||||||||||
📋 Versions notes
Spigot:
- 1.8 throws an exception on any player join, not supported.
- 1.8.3 works with an outdated packetevents version (2.10.1).
- 1.9.1 jar cannot be downloaded or built.
- 1.16 jar cannot be downloaded or built.
- 1.19.3 throws java.lang.RuntimeException: The received byte array length is longer than maximum allowed (8742 > 512) for LOGIN_START wrapper.
- 1.20.2 client sends PLUGIN_MESSAGE and CLIENT_SETTINGS after HANDSHAKE
Paper:
- Only 1.8.8 build exists.
- Only 1.9.4 build exists.
- Only 1.11.2 build exists.
- Only 1.12.2 build works (S3 bucket unreachable for 1.12/.1).
- Only 1.16.x build exists.
- Only 1.18.x build exists.
- 1.19.3 throws java.lang.RuntimeException: The received byte array length is longer than maximum allowed (8742 > 512) for LOGIN_START wrapper.
- 1.20.2 client sends PLUGIN_MESSAGE and CLIENT_SETTINGS after HANDSHAKE
Legend:
- ✅: Fully supported.
⚠️ : Partially supported (missing features, using outdated dependencies, buggy or not fully tested...).- ❓: Unknown compatibility, not tested at all.
- ❌: Not supported.
This installation procedure is platform independant, it is the same for every supported platform above:
- Download the latest version of packetevents.
- Download the latest version of CoralGate for your platform (see download mirrors bellow).
- Put both plugins in your "plugins" folder situated at the root of your server jar.
- Restart your server.
CoralGate is now protecting your server from scanners!
Updates are released on a non-fixed schedule. Therefore update may appear at any given time, whereas to fix issues or add new features. The update process is the same as the installation process. To update your configuration file please take a look bellow for further instructions.
CoralGate has a very extensive and complete configuration file, situated in your plugins folder under the CoralGate folder. The file is named 'config.yml'. Every default value is marked in the comments above the field with explanation on it's impact.
If you ever mess up your configuration file, delete it and restart your server. The default configuration will be loaded.
If you recently updated CoralGate and get a warning saying your configuration file is outdated, delete your configuration file and let the new default configuration appear. To ensure you loose none of your settings, we advise you make a backup of your config.yml file beforehand.
CoralGate has a built-in update checker, however it will not automatically install nor download the update, it will only send a message telling you if you are up to date or not. To prevent any malware from infecting your server, only download CoralGate from our trusted sources:
Feel free to compile CoralGate yourself, however note that using a build from the dev branch will prevent you from getting support. If you want features or fixes to be added to CoralGate, please follow the Issues/Feature request section.
CoralGate uses it's own API to determine if an IP is malicious or not.
The API is hosted in Germarny and all data is processed within this country. This API doesn't require any key or subscription to be used. You can use it for free manually too.
To use the API manually, use the base URL: https://api.gteam.cloud/coralgate/v2/enter-ip-here
Simply replace "enter-ip-here" by the IP you wish to verify.
E.g.: https://api.gteam.cloud/coralgate/v2/185.65.134.164 (This is a known malicious ip address)
E.g.: https://api.gteam.cloud/coralgate/v2/9.9.9.9 (This is not a malicious ip address)
The API supports both IPv4 and IPv6 and has currently 2 major versions:
- v2 (latest)
- v1
If your API, ISP, domain name or holders get blocked by our API and therefore from the CoralGate powered servers, contact us on Discord via our ticket system.
Provide the impacted ip address(es) and further explanation on the usage behind the ip address(es). Our support team will try their best to help you and get you unblocked from CoralGate.
Please note that we detect and block ip addresses that exerce the following behavior/service:
- Port scanning
- IP scanning
- Crawlers
- MOTD fetchers
- Online player count fetchers/monitors
- VPN/Proxy
- TOR
- Hosting services
- Cloud providers
- Bots
- Server finders/scanners (shodan, OpenHeimer...) ....
Some services are exempt from these rules, such as:
- Voting sites
- Server lists
Before opening an issue or feature request make sure you follow our templates.
If your issue/feature request goes unotice, you can open a ticket on our Discord server or bump it.
Before contributing, please make sure that you follow our conventions (naming scheme, indentation) and that your code works.
Make sure to also precise on what platform and version your test was ran, with other plugins/mods installed (if applicable).
Special credits to retrooper for making packetevents that we are using to analyze packets!
Thank you so much for your amazing work and dedication!
This project is licensed under GNU General Public License v3.0 (GPL).