Compatibility
Minecraft: Java Edition
Platforms
Supported environments
Links
Tags
Creators
Details
🛡️ Defixus (Anti-Cheat) and QoL Admin Tool
🔒 Advanced Fabric Client Verification & Integrity Protection
Detect unauthorized mods • Verify file integrity • Monitor resource packs • Protect your community
⚡ 🔐 SHA-256 Live Verification 🔐 ⚡
Defixus is a powerful anti-tampering and verification system for Fabric servers.
Supports Minecraft 26.x and 1.21.11-1.21.4
Unlike traditional whitelist solutions, Defixus validates not only which mods are installed, but also their exact integrity through SHA-256 checksum hashing, ensuring that modified, disguised or tampered clients cannot bypass server security policies defined by Defixus.
Built for wheather large or small communities that require a control over the client environment.
Supports Bedrock Clients with Geyser-Fabric and Hydraulic for Fabric.
✨ Features
🔍 Advanced Verification Engine
Defixus verifies every mod installed on the client.
Unlike traditional whitelist systems, Defixus checks:
- 📦 Mod Verification and Compilation Integrity
- 🎨 Resource Pack Verification and Compilation Integrity
- 🔐 SHA-256 File Hash for Graylisted Mods and Resourcepacks
- 🧩 Client Anti-Cheat Integrity
- ⚡ Runtime Resource Pack Monitoring for in-game changes
- 🛡️ Ability to Block Resource Pack changes in-game
- 📡 Ability to send all the information with Discord Webhook alterts
- 📊 Tracks everything for statistics puroposes
- 🔢 Quality of Life Discord Embeds with statistics related to the alert
- 👮 OP Bypass
- ⚙️ Ability to track every command someone does with a Discord Webhook alert
🤖 Discord Integration
Receive real-time security notifications directly inside Discord by using Discord Webhooks. You can chose with alert goes through which discord channel and you can use that whether for secuirity or transparency with your community. About the command tracking, no restriction on who uses the command. You can chose the commands that sends an alert in Discord in the webhooks file config file.
🛡️ Why Defixus?
Most whitelist systems only verify:
Mod ID
Version
Defixus verifies:
Mod ID
Version
Resource Packs
SHA-256 Hash for Mods and Resourcepacks
Client Integrity
Runtime Client Modifications for Mods and Resourcepacks
Ability to Block Runtime modifications
You the ability for you to select which of these can result in a Discord Altert with Discord Webhooks and in which discord channel.
Defixus also does:
Huge statistics
JOIN / QUIT Discord Alert
START / STOP Discord Alert
OP Bypass with Discord Alert
Command Tracking with Discord Alert
This means that even if a malicious player modifies a whitelisted mod and keeps the same Mod ID and Version, Defixus can still detect the modification.
Example verification data:
defixus:1.0.0:d43fa1c9c9...
sodium:0.6.13:ab923e4f11...
iris:1.8.5:f38ac52f9f...
⚡ Verification Flow
Verification happens automatically when a player joins.
Player joins
│
▼
Client Presence Check
│
▼
Mod Scan
│
▼
SHA-256 Checksum
│
▼
Resource Pack Scan
│
▼
Data Sent To Server
│
▼
Whitelist Validation
│
┌────┴────┐
│ │
PASS FAIL
│ │
▼ ▼
Join Kick
Allowed + Error Code
+
Runtime
Tracking
Most verifications complete in less than a second. It depends on the number of mods and resourcepacks.
🎨 Resource Pack Protection
Defixus provides the same level of protection for resource packs.
Supported Features
| Protection | Supported |
|---|---|
| Pack Whitelist | ✅ |
| Pack Blacklist | ✅ |
| Pack Graylist | ✅ |
| SHA-256 Validation | ✅ |
| Runtime Monitoring | ✅ |
| Modified Pack Detection | ✅ |
| Pack Change Detection | ✅ |
| Auto Kick | Optional |
⚙️ Server admin explanation and setup
🟢 Whitelists
Allows the files which matches the whitelisted secured mod ids. This by default include the libraries (most of them). You want to put the ids in mod_whitelist.json or pack_whitelist.json
Supported
- Mods
- Resource Packs
Validation process
File Name
Version
SHA-256 Hash
🔴 Blacklists
Known prohibited content can be blocked immediately, put them in mod_blacklist.json or pack_blacklist.json.
Useful for:
- Cheat mods
- Exploit mods
- Unauthorized utilities
- Prohibited resource packs
It already comes with a series of known hack mods.
Supported
- Mods
- Resource Packs
Scanning process
File Name
Version
SHA-256 Hash
🟡 Graylists
Graylists are folder (graymods/ and graypacks/) where you want to put the mods that the client must match. Differently from whitelists, graylists mods or packs are allowed only and only if the SHA-256 Checksum of the mod / pack that client and server have is the same. This means graylists are a way more powerful methods to check mods.
Perfect for:
- More strict control on mods
- Exact match of the jar file or zip file
Supported
- Mods
- Resource Packs
Scanning process
File Name
Version
SHA-256 Hash
Check if SHA-256 is equal to the same file loaded on graymods/ or graypacks/
Q: What does all this mean? A: It means that if you have large amount of space of your server, you can force players to use only that specific mods and that specific version of mods, and they must be equal bit by bit throught the hash SHA-256 verification. This can be perfect for servers that shares a must have modpack.
👑 OP Bypass System and Admin Abuse Checks
Server operators can optionally bypass verification.
Useful for:
- Administration
- Development
- Testing
- Emergency maintenance
- Civil Respect and Transparency with the Community by alert when someone uses a command. No restriction on who uses the command. You can chose the commands that sends an alert in Discord.
Every bypass event can be logged and tracked.
📊 Statistics System
Defixus stores both global and per-player statistics. And use them in various occasions for QoL alerts. They can also be accessible through the Admins by the in-game commands.
🌍 Global Statistics
Tracked automatically:
| Metric |
|---|
| Total Players Verified |
| Successful Verifications |
| Failed Verifications |
| Total Kicks |
| Illegal Mods Detected |
| Modified Mods Detected |
| Resource Pack Violations |
| OP Bypass Events |
| Server Sessions |
👤 Player Statistics
Every player can have an individual security profile.
| Metric |
|---|
| First Seen |
| Last Seen |
| Connection Count |
| Successful Joins |
| Total Play Time |
| Session Duration |
| Kick History |
| Illegal Mod Detections |
| Resource Pack Violations |
| OP Bypass Usage |
Supported Events
| Event | Notification |
|---|---|
| Player Verified | ✅ |
| Verification Failed | ✅ |
| Player Kicked | ✅ |
| Illegal Mod | ✅ |
| Modified Mod | ✅ |
| Missing Mod | ✅ |
| Resource Pack Violation | ✅ |
| Resource Pack Changed | ✅ |
| Anti-Cheat Tampering | ✅ |
| OP Join | ✅ |
| OP Permission Change | ✅ |
| Statistics Events | ✅ |
| Configuration Reload | ✅ |
| Server Startup | ✅ |
| Server Shutdown | ✅ |
| Executing a command | ✅ |
📂 Configuration Structure
config/
└── Defixus-anticheat/
│
├── verification/
│ ├── mod_whitelist.json
│ ├── mod_blacklist.json
│ ├── pack_whitelist.json
│ ├── pack_blacklist.json
│ ├── config.json
│ ├── graymods/
│ └── graypacks/
│
├── discord/
│ └── webhook.json
│
├── statistics.json
│
└── players/
└── <uuid>.json
⚙️ A more detailed walkthrough on its functionality
library-bypass
Ability to allow dependencies and library mods to bypass strict verification. You can disable if you are that evil on control.
This is useful for modpacks, which generally include automatically generated dependency chains.
block-pack-change
Prevents players from changing resource packs after successful verification.
Recommended for highly controlled environments.
🖥️ Commands
Main Command
/defixus
Verification Management
/defixus list mods
/defixus list packs
/defixus scan mods
/defixus scan packs
/defixus reload
Statistics
/defixus stats
/defixus cleanup
/defixus player <player>
Hash Lookup
/defixus hash <modid>
🚀 Installation
Server
Requirements
- Fabric Loader
- Fabric API
- Java 21
Setup
- Install Fabric Loader
- Install Fabric API
- Place Defixus inside:
mods/
- Start the server once
- Configure verification settings
- Restart or reload
Client
Players must install:
Defixus (the same version of the server)
inside:
mods/
alongside approved mods.
⚠️ Security Notice and Goals of this Mod
Defixus is designed to detect:
✅ Unauthorized Mods
✅ Modified Mods
✅ Tampered Clients
✅ Resource Pack Violations
✅ Resource Pack Runtime Changes
✅ Integrity Mismatches
✅ Anti-Cheat Modifications
While no client-side verification system can guarantee absolute security, Defixus significantly increases the difficulty of using modified or unauthorized clients. However, having Defixus does not mean having the best. You should use also a Runtime anticheat like Vulkan or others to decrase even more the probabilities of allowing hacked clients.
🏗️ Technical Details of the last version
| Component | Value |
|---|---|
| Minecraft Version | 26.2 |
| Loader | Fabric |
| Java Version | 25 |
| Hash Algorithm | SHA-256 |
| Networking | Custom Payloads |
| Statistics | Persistent |
| Discord Integration | Webhooks |
| Resource Pack Monitoring | Real-Time |
Minecraft versions below 26.1 will not recive any kind of support anymore.
🧑💻 Ideal For
Defixus is particularly suitable for:
- 🏆 Competitive Servers
- ⚔️ PvP Servers
- 🏰 RPG Servers
- 💰 Economy Servers
- 🔒 Private Communities
- 🎪 Event Servers
- 📜 Whitelisted Servers
- 🧩 Curated Modpacks
Any server requiring strict client integrity enforcement can benefit from Defixus.
❤️ Support
If you enjoy Defixus:
⭐ Star the project
📥 Download on Modrinth
🐛 Report bugs
💡 Suggest features
🤝 Contribute ideas
🛡️ Defixus
Trust Through Verification
Secure • Lightweight • Transparent
Made with ❤️ for the Minecraft Fabric Community.