The 2026 Discord
Security & Ownership Standard
The definitive standard for Minecraft community owners. If you ignore these protocols, you are voluntarily accepting the risk of a total community nuke.
๐ Sections
The Fundamental Commandments
-
Ownership is Absolute
Never transfer Server Ownership for "setup" or any other reason. If you transfer it willingly, you are unlikely to recover it unless the new owner cooperates. Discord's ownership transfer process exists for eligibility cases like owner inactivity โ not "I got tricked."
-
Token Security
Your bot token is a root password. It allows anyone to control your bot and perform any action the bot's role permits. Treat it like your bank password. Rotate it immediately if it is ever exposed, and never share it in any channel or DM.
-
The "Zero-Admin" Policy
Never grant the
Administratorpermission to anyone. A professional, properly-configured server setup never requires it. Anyone who tells you otherwise is either uninformed or attempting to gain unrestricted access to your server. -
DM "Verification" Scams
Ignore any request to "verify" your account via a link or QR code sent in DMs. These are token-loggers engineered to hijack your account. No legitimate Discord service or staff member will ever ask you to scan a QR code to verify anything.
Precision Permissions: The Developer Role
When hiring a developer, do not give them a generic "Manager" role. Create a custom Sandbox role placed below your Moderator roles in the hierarchy. Grant only what is actively required for the work โ nothing more.
| Permission | Risk Level | When to Grant |
|---|---|---|
| Manage Channels | Low | Required for server structure and category setup. |
| View Audit Log | Low | Essential for troubleshooting. Safe to grant. |
| Manage Expressions | Optional | Only if they need to upload or manage emojis, stickers, or soundboard assets. |
| Manage Webhooks | High Risk | Only grant if actively wiring DiscordSRV or external integrations. Webhooks can be used to impersonate staff for phishing or spam. |
| Manage Roles | Extreme Risk | Default to OFF. Only enable if absolutely necessary for bot-role linking. They can only modify roles placed below their own in the hierarchy. |
| Administrator | Never | No legitimate workflow requires this. If requested, treat it as a red flag. |
The Infrastructure Tool: Xenon Bot
Stop giving developers access to your live server. Use a staging environment. Your live members and configurations should never be exposed to someone you've just hired.
Xenon Bot (xenon.bot) is the industry-standard tool for this workflow. Here's the three-step process:
Create a Staging Server
Build the entire layout โ channels, categories, roles, permissions โ in a blank test server where the developer has the permissions they need. No real members, no live data.
Backup & Transfer with Xenon
Once the staging server is configured to your satisfaction, use Xenon to create a full backup of its structure, then load that backup into your live server.
Result: Zero Exposure
You get a professional, developer-built server structure without ever exposing your members, existing channels, or moderation logs to a stranger. The dev never touches production.
Defensive Infrastructure
Mandatory 2FA
Enable "Require 2FA for Moderation" in Safety Setup. This is your primary defense against staff account hijackings โ a compromised account without 2FA can wreak havoc.
Server Settings โ Safety SetupAnti-Nuke Bots
Deploy a bot like Wick. These detect mass deletions, kicks, and role chaos, then automatically lock down the server and contain damage through predefined thresholds.
Recommended: Wick BotSecurity Actions
Discord's native Security Actions (Server Dropdown) let you freeze the server in an emergency. Note: this is a temporary lockdown, typically capped at 24 hours, to buy you time to audit and recover.
Server Dropdown โ Security ActionsThe Security Actions lockdown is a short-term containment tool โ not a permanent fix. Use those 24 hours to identify the compromised account, revoke its permissions, and audit the Audit Log for any damage done.
Professional Vetting Protocol
-
The Live Server Test
If a developer demands access to your live server instead of agreeing to work in a staging environment, deny the request. A competent dev has no legitimate reason to require it.
-
The Dev Portal Team
If they're coding a custom bot, you should own the application in the Discord Developer Portal. Add them as a Team member โ you retain the "Kill Switch" and can revoke access instantly without needing their cooperation.
๐ฉ Red Flags โ Walk Away Immediately
- Defensive or evasive behavior when questioned about security practices or permissions scope.
- Asking for Server Ownership transfer for "API reasons" or any other justification.
- Demanding the bot token directly rather than being added as a Team member in the Developer Portal.
Every legitimate developer request can be fulfilled without granting Administrator, transferring ownership, or handing over a bot token. If someone tells you otherwise, they are not a legitimate developer.