🛡️Safety

Responsibility

See Responsibility

Philosophy

The safeness of a community is what gives it its quality

It doesn't mean that its safety setup should be constraining, but rather that it should be hermetic

For these purposes, the best ones are based on the zero trust security model

Issues

Spam

The most common safety issue It might sometimes even be unintentional Common spam actions are about sending numerous useless or unrelated content Its proportion is often correlated with the quality and engagement of its respective community

Nukes

Events that consist of rogue actions that are done by members with privileged permissions

These members are either trusted staff, or non-staff that has been assigned privileged permissions

Common rogue actions are mass ban, role and channel deletions, and vanity invite link theft

Raids

Events that consist of coordinated server incursion for the purpose of harassing their members

Common harassments are mass pinging, and channel & DM spamming The most sophisticated ones prepare by discreetly filling over time the target server with many raiders

Self-bots

A type of bot that runs on a user account instead of a bot account

They are most of the time used for rogue purposes. Common rogue purposes are advertising spams, mass DM scams and Raids

Those are forbidden by Discord's Trust and Safety terms The guilty risk getting perma-banned and the targeted servers deleted if too much damage has been done (see Responsibility)

Solutions

Restrictive Permissions

Admin safety issues can come from the staff or those who has been assigned privileged permissions by them

Most of these issues can be prevented by applying restrictive (but not constraining) permissions For that, read Permissions and follow the zero trust security model

Moderation

Mandatory (see Responsibility)

Most of it is done manually However, automatizing it is easy and time-saving The native AutoMod has easy to setup auto-moderation features that also contributes to anti-spam For an in-depth setup, use dedicated bots (such as Wick)

Setup Security Culture

Staff account authentication security is primordial for a server to ensure its security integrity

To enforce that, it is recommended to setup a security culture in the server

Send this page to your staff and enable the "Require 2FA for moderator actions" setting

Verification

A verification system is a security feature intended to restrict the normal access to a server using a verified or unverified role, most of the time to block self-bots, or raids

To manage it, it can either be manual or automated with bots (we recommend Wick)

Backup

When a role, channel, or message is deleted, the only way to get them back is to restore a backup

Some services might only save server settings, such as the native "server template" feature, but other can also restore its deep content (such as the premium version of xenon)