Installation

Last modified: 26 April 2026

Before you start

Use Velocity as the primary install target.
Keep a copy of your current proxy plugin folder and config backups.
Update Velocity, Java, and core network plugins before blaming exploit protection.
Plan a short observe-mode rollout on busy networks.

Velocity install

Stop the proxy.
Copy the ExploitSniffer jar into the Velocity plugins folder.
Start once, then stop after license.yml appears.
Edit license.yml and use the exact key name below.
Start again and run the verification commands.

license: "YOUR-LICENSE-KEY"

Use license:, not key:. Runtime config is created only after license validation passes.

Backend install

Backend installs are optional. Use them when you want backend-local visibility, GUI access, or companion reporting. Do not install on every backend by habit if proxy-only protection fits your network.

Type	Where	Use when
Proxy only	Velocity	You want the recommended protection layer.
Proxy plus backend	Velocity and selected backends	You need GUI, backend-local reports, or companion visibility.
Backend only	Paper-family backend	You do not run Velocity.

Verify

/eps status
/eps profile
/eps alerts status
/eps reports recent

Healthy first-run state means the plugin loaded, the license passed, the profile is visible, and commands respond for an admin account.

Rollout

Start with observe if your network is heavily customized.
Let normal players use common server features.
Review recent incidents for real false-positive risk.
Move to balanced when normal traffic is clean.
Use strict only for confirmed active abuse or tested networks.