Admin Multi-Check is a security feature built into RealmsCore that helps protect your server.
Some commands, such as permissions and moderation commands, use Admin Multi-Check. This means that in addition to the normal permission node (such as realms.kick for the /kick command), they require:
- The realms.admin permission
- If permissions and multi-check are enabled, “admin: true” must be listed below the player’s UUID in the playerperms.yml file.
For example, here is an example excerpt from a playerperms.yml file:
# Kyle_Necrowolf's permissions c7a0e7df-5141-4344-b119-9f1102e5178c: admin: true permissions: default: admin_utility cheat: admin_cheat
If the “admin: true” line (bolded above) is not found, the player will be denied access to the command.
Why use Admin Multi-Check
Because this feature is separate from permissions, your server stays protected even if your permissions system is compromised.
“Force op” hacks will fail the multi-check, because they only fool the permissions system. They can’t modify the file, so they can’t fool RealmsCore.
In most cases, the server owner is the only person with access to the server files. No one on the server can modify or bypass this system, therefore, the owner is always in control.
Disabling Admin Multi-Check
If Admin Multi-Check is disabled, only the realms.admin permission is required. The playerperms.yml file will not be checked.
The console, command blocks, and remote console (RCON) are not affected (see below).
Disabling permissions (in coreconfig.yml) will automatically disable Admin Multi-Check.
Beyond that, it is not recommended that you disable Admin Multi-Check manually. It is a non-intrusive security feature that can help protect your server. However, if you do not want to use it, you can disable it in coreconfig.yml.
How it works with Console, Command Blocks, and Remote Console (RCON)
Admin Multi-Check also applies to commands run from the console, command blocks, and remote console (RCON).
For all commands that use Admin-Multi-Check:
- By default, the console is allowed. Can be blocked in the config.
- By default, command blocks are blocked.
- Can be allowed in the config, but not recommended, as it allows commands to be run without restrictions, and any player on your server can maliciously activate command blocks.
- By default, the remote console (RCON) is blocked.
- Can be allowed in the config, but not recommended, as it can open your server up to remote attackers.
- All other command senders (entities, proxies) are blocked.
Note that this applies even if Admin Multi-Check is disabled. Disabling the feature will only disable it for players.