@everyone and @here mentions. When triggered, the message is deleted and the user is timed out for moderator review.
Free for all servers. Uses Discord’s built-in mention detection — no false positives from messages that simply contain the text “@everyone”.
How It Works
- A member sends a message containing
@everyoneor@herethat actually triggers a mass notification - Hashbot checks if the member is on the allowlist or has a manager role
- If they are not exempt:
- The message is deleted
- The user is timed out for moderator review
- The action is logged to your log channel
Hashbot uses Discord’s
mention_everyone flag on the message object — not string matching. This means messages like “don’t use @everyone” will NOT trigger the protection, because they don’t actually ping anyone.Who Is Exempt
These members can use@everyone and @here without being blocked:
- Server owner and users with Administrator permission
- Hashbot Managers (users with configured manager roles)
- Members on the Allowlist (users or roles)
- Bots
Enabling Anti-Everyone Protection
From the Dashboard
Open the Dashboard
Go to dashboard.hashbot.com and select your server.
From Discord
Commands
| Command | Description |
|---|---|
/settings anti-everyone set-state state:enable | Enable anti-everyone protection |
/settings anti-everyone set-state state:disable | Disable anti-everyone protection |
Frequently Asked Questions
Does this work if my server already has @everyone permissions disabled?
Does this work if my server already has @everyone permissions disabled?
If you’ve already disabled the
Mention @everyone, @here, and All Roles permission for regular members, those members can’t trigger mass mentions anyway — so this feature would have nothing to catch. It’s most useful as a safety net in case channel permissions are misconfigured, or for servers that intentionally allow the permission for certain roles.How long is the timeout?
How long is the timeout?
The user is timed out using the same duration configured for malicious link detection (default: 7 days). You can adjust this with
/settings malicious-link set-timeout. This gives moderators time to review the incident and decide on further action.What if a legitimate moderator gets timed out?
What if a legitimate moderator gets timed out?
Make sure all moderators are either added to the Allowlist or have a Hashbot Manager role configured. Members with manager roles are exempt from anti-everyone protection.