Moderation

Anti-Raid Protection

Raid attacks can destroy a server in minutes: hundreds of bots join, spam messages flood channels, roles are deleted, and members are mass-banned. SYNTHET's anti-raid system detects these attacks in real-time and triggers automatic responses to minimize damage. Customize sensitivity and actions to match your server's activity patterns.

What is a Raid?

A raid is a coordinated attack where multiple bot accounts (or compromised real accounts) join your server nearly simultaneously to:

  • Spam:Flood channels with messages, links, mentions, or inappropriate content
  • Sabotage:Delete channels, remove permissions, create chaos roles
  • Harassment:Target specific members with mention spam or harassment
  • Disruption:Trigger channel locks and server-wide notifications

How Anti-Raid Detection Works

Detection Methods

Join Velocity (Primary)

Monitors how many unique users join in a time window. Normal join rate might be 1-5 per minute. A raid shows 20+ joins per minute. System detects this pattern instantly.

Account Age Detection

Newly created Discord accounts ({<1 day old) are common raid vectors. System flags accounts matching this pattern and can quarantine them.

Behavioral Patterns

Multiple new accounts joining from same IP, with identical names/profiles, or performing identical actions suggests coordinated attack.

Message Correlation

If multiple new accounts send identical or near-identical messages, system recognizes spam pattern.

Sensitivity Levels

Configure how aggressive raid detection should be. Higher sensitivity catches more raids but risks false positives:

Low Sensitivity

Trigger: 50+ joins in 10 seconds OR 100+ joins in 1 minute

For: Large servers with 1000+ members joining daily. Very high false negative rate - only catches extreme raids.

Medium Sensitivity (Recommended)

Trigger: 20+ joins in 10 seconds OR 40+ joins in 1 minute

For: Most servers. Balances protection with avoiding false alerts during growth spikes or community events.

High Sensitivity

Trigger: 5+ joins in 10 seconds OR 10+ joins in 1 minute

For: Small servers or those that expect minimal joins. Will trigger on community events or server invitations. False positives likely.

Recommendation: Start with Medium. Monitor for one week. If you get false positives from legitimate growth, increase sensitivity. If raids slip through, decrease sensitivity.

Lockdown Mechanism

When a raid is detected, SYNTHET can automatically enter lockdown mode:

Instant Actions on Detection

  • ✓ Block new member joins (members cannot join for X minutes)
  • ✓ Create temporary "Unverified" role with no permissions
  • ✓ Assign all new joiners to Unverified role (quarantine)
  • ✓ Alert staff in designated alert channel with summary
  • ✓ Log raid event with details (join count, affected accounts)

Lockdown Duration

Lockdown stays active for configured duration (default: 30 minutes). During lockdown:

  • • New members cannot send messages or reactions
  • • New members cannot connect to voice channels
  • • Existing members function normally
  • • Staff can manually lift lockdown via /lockdown end

Account Age Filtering

Suspicious accounts (created within hours/days) are common in raids. Configure minimum account age:

Default: 1 Day

Accounts created within the last 24 hours are flagged as new.

Action: Assign them to Unverified role, require CAPTCHA verification, or auto-ban them during lockdown.

Configuration

Set via Dashboard → Protection → Moderation → Anti-Raid → "Min Account Age". Options: 1 hour, 1 day, 7 days, 30 days, or never restrict.

Manual Raid Response

If you suspect a raid is underway, you can manually trigger lockdown:

/lockdown [duration]

Manually trigger lockdown mode. Useful if you see suspicious activity but system hasn't auto-triggered yet.

/lockdown 30m

Activates lockdown for 30 minutes. You'll receive confirmation and can cancel with /lockdown end.

/lockdown end

Immediately end lockdown and restore normal join permissions. Unverified members are still quarantined until manually released or verified.

/antiraid ban [user-id]

Quickly ban suspicious raid accounts identified by system. Works with user IDs (useful since they might not be loadable).

Whitelist & Exemptions

Prevent false positives for legitimate users:

Whitelist Roles

Users with these roles bypass age filtering and lockdown restrictions:

  • • Bot roles (for legitimate bots)
  • • Staff roles (moderators)
  • • VIP/Patron roles

Protected Members

Individual users can be added to a protected list (e.g., community leaders). During lockdowns, they are not quarantined even if newly joined.

After a Raid: Recovery

Immediate Actions

  1. 1. /lockdown end (restore normal operations)
  2. 2. Review quarantined members list
  3. 3. Ban obvious raid accounts
  4. 4. Release legitimate new members from quarantine

Cleanup

If channels were spammed or deleted:

  • • Use /purge to bulk delete raid messages
  • • Use backup feature to restore deleted channels (Premium feature)
  • • Review roles and permissions for changes

Post-Raid Analysis

Review the raid event log to understand what happened and adjust settings if needed. Did the system catch it quickly? Were there false positives?

Best Practices

  • 1.Start with Medium sensitivity and adjust based on false positives/negatives
  • 2.Configure alert channel so staff is notified immediately of raids
  • 3.Test /lockdown in testing channel to understand the feature before relying on it
  • 4.Whitelist bot roles to prevent your own bots from triggering false alerts
  • 5.Have a documented raid response plan for your staff team
← Warning SystemDashboard Guide →