GuidesSupportGet a Server
Minecraft

How to Set Up BungeeGuard on Your BungeeCord Network

Learn how to install BungeeGuard to prevent unauthorized direct connections to your backend servers.

BungeeGuard prevents players from bypassing your BungeeCord proxy and connecting directly to backend servers. Without it, anyone who discovers a backend server's IP can impersonate any player — including admins.

Why BungeeGuard Is Essential

When backends have online-mode=false (required for BungeeCord), anyone connecting directly can claim to be any username. BungeeGuard adds a secret token that backend servers verify, ensuring connections only come through the proxy.

Installing BungeeGuard

Download BungeeGuard

Get the latest version from BungeeGuard on GitHub.

Install on the proxy

Upload BungeeGuard.jar to the /plugins/ folder on your BungeeCord proxy via Files on the XGamingServer panel.

Install on all backends

Upload BungeeGuard.jar to the /plugins/ folder on every backend server.

Restart the proxy first

Restart your BungeeCord proxy from Console. This generates the secret token.

Copy the secret token

On the proxy, open /plugins/BungeeGuard/config.yml via Files:

token: "your-generated-secret-token-here"

Copy this token.

Configure each backend

On each backend server, edit /plugins/BungeeGuard/config.yml and paste the token:

allowed-tokens:
  - "your-generated-secret-token-here"

Restart all backend servers

Restart each backend. Players connecting directly (not through the proxy) will now be kicked.

Verifying It Works

Try connecting directly to a backend server's IP. You should see a message like:

BungeeGuard - No valid token was provided!

If you can still connect directly, double-check that:

  • The token matches exactly on proxy and backends
  • BungeeGuard is installed on all servers
  • All servers were restarted after configuration

⚠️ Warning: This is a critical security plugin for any BungeeCord network. Without it, your server is vulnerable to UUID spoofing attacks that can give anyone operator access.

💡 Tip: Consider switching to Velocity which has built-in modern forwarding security — no BungeeGuard needed.

See also: BungeeCord Guide | IP Forwarding | Velocity Guide

If you need help, join our Discord.

How is this guide?

40% Off — Limited TimeGet your Minecraft server todayInstant setup, DDoS protection, and 24/7 support included.
Get a Server

How to Install Biomes O' Plenty on Your Minecraft Server

Learn how to install and configure Biomes O' Plenty for 50+ new biomes in your world.

How to Install ClearLag on Your Minecraft Server

Learn how to install ClearLag to automatically remove dropped items and reduce entity lag.

On this page

Why BungeeGuard Is Essential
Installing BungeeGuard
Download BungeeGuard
Install on the proxy
Install on all backends
Restart the proxy first
Copy the secret token
Configure each backend
Restart all backend servers
Verifying It Works