I have an HF account too, you would be surprised who has one. I bet that a large part of the people on HackForums aren't actually hackers per se.
Another thing you might think about adding is Sketch's "ForceOp" SessionStealer thing. To be clear , IT ISN'T A FORCE OP, but that's what it is commonly called. It allows someone to get op on your server without you oping them, downloading a malicious file, or something of that sort. All you have to do for them to gain op is connect to their (fake) server. SessionStealer makes a fake server on the hacker's computer. If you connect to their IP, it takes your validation info that you use to log into their server and forewords it to your own server. Then, logged in to your own server as you, it sends a chat message, usually in the form of "/op [hacker name here]." All this happens while you are thinking you are connecting to the hacker's home server. After it is done, (you are still waiting on the connecting... screen), it kicks you for a customizable message, usually like "End of Stream" or "Outdated Server." You go away thinking that their server just doesn't work and the hacker goes away with op. Even something as simple as logging into a server can give someone access to your server. Thanks for reading, Josh
eh, I heard it was already fixed with something to do with the username. Obviously not. But yeah, it's fixed for the most part. sk's new method with WorldGuard, or just block sensitive commands, which NoCheat+ does with /op.
