Get your free server today! View Plans →
Home Plans Blog About Contact Panel Join Discord
Minecraft

Whitelists, ops and permissions: keeping your Minecraft server in order

A plain guide to controlling who joins your Minecraft server and who can do what, covering whitelists, op levels, LuckPerms groups, CoreProtect rollbacks, and bans.

Whitelists, ops and permissions: keeping your Minecraft server in order

Running a Minecraft server is mostly fun until the day someone breaks into a build, hands out diamond blocks to their friends, or flips on creative mode and starts spawning TNT. Most of that comes down to one thing: who can join, and who can do what once they're in. This guide walks through whitelisting, op levels, LuckPerms, anti grief tools, and the basics of banning and kicking, so you can keep control without giving everyone the keys.

Start with a whitelist

The whitelist is the simplest lock on your front door. With it on, only players you've explicitly added can connect. Everyone else gets bounced at the login screen. If your server is for friends, a community, or a small group, turn it on before you do anything else.

You can flip it on from the console or in game:

/whitelist on
/whitelist add Notch
/whitelist add Steve_2009

That's it. Two players added, everyone else locked out. A few more commands worth knowing:

Behind the scenes this writes to whitelist.json in your server folder. You can edit that file directly if you prefer, but using the command is safer because it looks up the player's UUID for you. That matters. Minecraft tracks players by UUID, not name, so if you add someone by name before they've ever joined and they later change their username, things can get messy. Adding them while the server is online sorts the UUID out automatically.

One setting people miss: white-list=true in server.properties needs to match. The /whitelist on command sets it for you, but if you're editing files by hand, check both line up. There's also enforce-whitelist=true, which boots anyone already online who isn't on the list the moment you reload. Handy if you just removed a troublemaker and they're still connected.

Op levels: why /op everyone is a bad idea

Op (short for operator) gives a player admin powers. The temptation, especially early on, is to op your co owners and a couple of trusted friends so they can help run things. Resist that. A full op can do basically anything, including stuff you didn't intend to hand over.

Vanilla Minecraft actually has four op levels, set with op-permission-level in server.properties and stored per player in ops.json:

LevelWhat it grants
1Bypass spawn protection. Pretty harmless.
2Most cheat style commands: /gamemode, /give, /tp, /setblock, command blocks.
3Player management: /kick, /ban, /op, /deop, /whitelist.
4Everything, including /stop to shut the server down.

When you run /op SomeName, it grants them whatever op-permission-level is set to, default 4. So by default, every person you op can stop your server, ban your other admins, and spawn unlimited items. That's a lot of trust for someone who just wanted to be able to fly.

Honestly, on a real community server you should op almost nobody. Keep op for yourself and maybe one person you'd trust with your house keys. For everyone else, use a permissions plugin and hand out only the specific abilities they need. Which brings us to the tool most owners end up living in.

LuckPerms: groups and nodes instead of op

LuckPerms is the standard permissions plugin for Paper and Spigot servers, and for good reason. Instead of all or nothing op, you build groups (like default, builder, moderator, admin) and attach exactly the permissions each one should have. Players get added to a group and inherit its powers.

The idea is permission nodes. A node is a string like essentials.fly or worldedit.region.set that maps to one ability. You grant true to allow it, and you can grant false to explicitly deny something even if a parent group allows it.

Here's a basic moderator group built from the console (you can also use the web editor, which is honestly easier for big setups):

/lp creategroup moderator
/lp group moderator permission set essentials.kick true
/lp group moderator permission set essentials.tempban true
/lp group moderator permission set essentials.mute true
/lp group moderator setweight 50
/lp user Steve_2009 parent add moderator

Now Steve can kick, tempban, and mute, and nothing else. He can't change gamemode, can't stop the server, can't op people. If he goes rogue, the worst he can do is the three things you handed him.

Groups inherit from each other too. Set your builder group to inherit default, and your admin group to inherit builder, and you avoid retyping shared permissions. To check what someone actually has, /lp user Steve_2009 info lays it all out.

A few LuckPerms habits worth picking up

Stopping griefers and rolling back the damage

Permissions stop people from running bad commands. They don't stop a player who's allowed to place and break blocks from tearing down your spawn with their bare hands. For that you want protection and a way to undo damage.

CoreProtect is the plugin most owners reach for. It logs every block placed and broken, every chest opened, every door used, with a timestamp and the player's name. When a build gets wrecked, you can see exactly who did it and roll it back.

The main commands you'll use:

/co inspect

That toggles inspector mode. Now left click a broken block to see what was there and who removed it, or right click to see the history of a spot. It's the first thing to do when someone reports griefing.

Once you know who and when, you roll it back:

/co rollback u:Griefer123 t:2h r:30

That reverses everything player Griefer123 did in the last 2 hours within a 30 block radius of where you're standing. If you go too far, /co restore with the same parameters puts it back. The time format takes things like t:1d for a day or t:30m for thirty minutes.

A quick warning: rollbacks are powerful and they don't ask twice. Always run /co inspect and check the logs first so you target the right player and the right time window. Rolling back two hours of legitimate building because you guessed wrong is a bad afternoon.

For prevention rather than cleanup, a land claim plugin like GriefPrevention or a region plugin like WorldGuard lets players protect their own areas so others can't touch them. CoreProtect is your safety net; claims are the fence.

Kicking and banning

Sometimes you just need someone gone. There's a difference between the two main tools here.

A kick disconnects a player right now but lets them rejoin. It's for "stop doing that" moments, or for nudging someone who's stuck or lagging the server.

/kick AnnoyingDave Take a break and read the rules
/kick AnnoyingDave

A ban stops them from coming back at all. You can ban by name or by IP.

/ban Griefer123 Grief and theft, no appeal
/ban-ip 203.0.113.45 Ban evasion
/pardon Griefer123
/banlist

Banning by name is the normal route. IP bans are heavier and worth using when someone keeps making new accounts to dodge a name ban, but be a little cautious: shared connections and CGNAT mean an IP ban can occasionally catch an innocent player on the same network. If you're using EssentialsX or a plugin like LiteBans, you also get /tempban for time limited bans, which is great for "cool off for 24 hours" situations instead of a permanent boot.

All of this is stored in banned-players.json and banned-ips.json, but use the commands rather than editing those by hand.

Console versus in game commands

You can run most admin commands two ways: typed in chat with a leading slash while you're playing, or typed in the server console (or the console tab in your control panel) without the slash.

The console runs as the server itself, which means it always has full permission. No op needed, no permission node, nothing can take it away. That's exactly why the console is the safest place to run sensitive commands, and also why you should guard access to it. Anyone with console access effectively owns the server.

A couple of practical differences:

For day to day moderation, in game is faster. For setup, recovery, and anything where you don't want to rely on a plugin loading correctly, the console wins.

Putting it together

You don't need all of this on day one. Start by turning the whitelist on so only people you trust can join. Keep op for yourself. Install LuckPerms and build a couple of groups so your helpers get just the powers they need. Add CoreProtect early, before you actually need it, because logging only counts from the moment it's running. Then keep /kick and /ban in your back pocket for the rare bad actor who slips through.

Do those things and most of the chaos that wrecks small servers just doesn't happen. And on the day something does go wrong, you'll have the logs to see it and the tools to put it right.

Common questions

Should I op my admins or use LuckPerms instead?

Use LuckPerms for almost everyone. Full op (level 4) lets a player do anything, including stopping the server and banning your other admins. With LuckPerms you build groups and grant only the specific permission nodes each role needs, so a moderator can kick and mute without being able to spawn items or shut things down. Keep op for yourself and maybe one fully trusted person.

What is the difference between a kick and a ban?

A kick disconnects a player right now but lets them rejoin, so it is good for stopping bad behavior in the moment. A ban stops them from coming back at all. You can ban by name with /ban, or by IP with /ban-ip if someone keeps making new accounts to dodge a name ban. Plugins like EssentialsX add /tempban for time limited bans.

How do I undo griefing on my server?

Install CoreProtect before you need it, since it only logs from the moment it is running. When a build gets wrecked, use /co inspect and click blocks to see who did what and when. Then run something like /co rollback u:PlayerName t:2h r:30 to reverse their changes in the last 2 hours within 30 blocks. Always inspect first so you target the right player and time.

Why would I run commands in the console instead of in game?

The console runs as the server itself, so it always has full permission with no op or permission node required. That makes it the safest place for sensitive commands and your recovery route if you lock yourself out, since typing op YourName in the console restores access. In game commands are faster for daily moderation, but anything location based works best there.

Do I have to add players to the whitelist before they join?

It helps to add them while the server is online with /whitelist add, because Minecraft tracks players by UUID rather than name. Adding someone live looks up their UUID automatically, which avoids problems if they later change their username. You can edit whitelist.json by hand, but the command is safer for this reason.

TR
Tom Reyes
Support Engineer at Bytte.cloud

Part of the Bytte.cloud team. We run game servers, bots and websites for a living, and we write these guides from what we see day to day in support and on our own servers.

Want to try this on real hardware?

Bytte.cloud has free plans for game servers, bots and websites. No credit card, set up in seconds.

Start for free See the plans