Why did "matscan" join my Minecraft server? (FAQ)

matscan is a Minecraft bot that joins potentially vulnerable Minecraft servers and sends a message in chat to inform the admins.

How should I secure my server?

It should’ve told you in its long chat message but some servers might cut it off:

  • If the server was meant to be private then enable a whitelist.
  • If the server is offline-mode then enable online-mode in the server.properties or install a plugin such as AuthMe.
  • If the server has an exposed BungeeCord backend, firewall it, install BungeeGuard, or switch to Velocity.
  • Enable backups or install a plugin like CoreProtect.

If you’ve done all of the above, then you’re probably fine.

How did you find my server?

I scan the internet for Minecraft servers, basically sending a packet to every IP address and seeing which ones respond (it’s a little more complex than this).

Is your data public?

No. You should still secure your server though since there are several griefing/harassment groups that use their own server scanners.

Why did Herobrine try to join right before matscan?

matscan will try to join with the username Herobrine first, so if the server is offline-mode then it can demonstrate that people can join with any username. It may also use the username of a historical player if the server is offline-mode but has a whitelist.

How can I contact you?

My Matrix is @mat:matdoes.dev (preferred), but you might be able to find me on other social medias.

How can I help?

If you appreciate the security work I do, please consider funding my projects at ko-fi.com/matdoesdev.