Latest reviews

1st Purchase?

We love the team over at Artillex. Running a folia server comes with its challenges and the team is always helpful and quick to work on a solution.

If this is anything like AxHoes im sure its going to be great! Will update once we get more use out of it!

-MooshySMP
Artillex-Studios
Artillex-Studios
Thanks for the review! Feel free to let us know if you find any issues.
Really good plugin, its a must when you have too many players to manage, although i do think the latency should be faster but not a big deal honestly.
So i love all the plugins i have i have every plugin except hide and anticheat. If i need help or support with the plugins the staff team responds to me in under 1minute. I would recomend the plugins in you want a premium expirience.
Bought this for my server after having issues with Themis constantly flagging people for no apparent reason. Those issues are now mostly gone but sometimes people get kicked for using spears and/or riding players. Other than that there haven't been a ton of major issues. Works pretty well.
NetheriteLabs
NetheriteLabs
Hello, thanks for the review.

You can open ticket on our Discord and share your logs, so we can check if it's something that can be improved with configuration or if the change is needed in Themis itself.
Excellent Plugin for PvP server and very optimized plugin
The plugin for me doesnt work. im on 1.21.11. the discord hasnt gave me a license yet. And theres no auto generated folder for me so I can write the license. I need help. The discord server is taking forever.
ShyamStudio
ShyamStudio
Hey šŸ‘‹
The plugin does not require any license at all, so there’s nothing you need to enter or generate
If the plugin shows red in /plugins and no folder is created, it means the plugin is failing to load, not a license issue. Please check your server console for errors that will tell exactly what’s wrong.
Also, you opened the wrong ticket earlier which delayed things a bit, and support timing can vary due to timezones.
We’re here to help šŸ‘
Please send your console error and we’ll fix it quickly
Amazing tab config! Really gives that premium feel for a minecraft server.
looks good. Don't give up. love your work
Excellent product. Very high quality assets.
Good but some wont work i recommend tho very good but i hate the way there is a prefix
ImSkitlle
ImSkitlle
Please join the Discord server and create a ticket; I will help you with everything you need.
Love this game but can you help me add more dev
nice, owner is geek tho
Good Donutcore plugin approved
MrNaruto
MrNaruto
Thank you 😊
THE BEST NPC PLUGIN out there you can legit do fights such as 1v100s or even more. Its really great if you want to create a Scripted SMP
The seller fixed the issues that I had brought to their attention And the plugin works amazingly! 10/10 work
MrNaruto
MrNaruto
Thank you for the review ā™„ļø
This license was given for free. What's this?
All I can say is thank you so much Char, for your amazing work, for your patience, for make part of the best minecraft templates for stores.. And I hope just good words and good times for you. Boona is really an outstanding tebex theme, with alot of customisation available and a really great Support team!

Definitely recommended!
It is very good it gets the job done if you use a good config.
Best thirst plugin out there! very easy to configure, understand and also comes with a resource pack for java and bedrock
It may work as it is but i identified multiple potential security issues (around 11) total found and i do not recommend, unless only in testing enviroment unless fixed. However, I am not making any accusations. The extension does not clearly state whether it is secure or not, but it does claim that ā€œthe code includes both fallback mechanisms and security featuresā€ which naturally gives buyers a level of trust and expectation regarding its safety.

The SSO secret key gets exposed in plain URL query strings (visible in logs, browser history, proxies). Also, redirect URLs from the panel are never validated, meaning a compromised panel could redirect your users anywhere. Anyone who can see server logs, network traffic, or even your browser history can steal that key and log in as any user on your panel.
The extension blindly trusts whatever URL the panel tells it to redirect to. If someone hacks your panel, they can make the "Manage Server" button send your customers to a fake/phishing website instead.

If the panel returns a webpage instead of proper data, the extension tries to extract a redirect link from the raw HTML. This is dangerous because it trusts whatever the panel says without checking it.
If a customer can set a custom server name, that name goes straight to Pterodactyl with zero filtering. This could allow someone to inject malicious content that appears in your panel dashboard.
When a server is created, egg variables (like DATABASE_PASSWORD, ADMIN_PASSWORD) can be overridden by whatever is in the order settings, meaning a clever customer could potentially manipulate sensitive server configuration values at order time.

The extension never explicitly requires a valid SSL certificate when talking to your panel. If someone intercepts traffic between Paymenter and Pterodactyl (man-in-the-middle attack), they could read or modify API calls including your admin API key.
If someone enters -1, 0, or a non-number as a port in the port array, it goes straight to the API without any check. This could cause unexpected behavior or be exploited to mess with port allocation.
The extension writes user IDs, panel URLs, and full error stack traces to your log files. If anyone gains read access to your logs (a hacker, a disgruntled employee), they get a detailed map of your infrastructure.
Server ID guessing, the error messages behave differently depending on whether a server exists or not. A bad actor could loop through IDs and figure out exactly which service IDs have active servers on your panel.

The CPU pinning field (e.g. 0,2-4) is validated on the settings form, but when actually creating the server that value is used without being checked again. Someone bypassing the form could send garbage values directly to the API.
If two server creation requests for the same order fire at the same time (e.g. a double-click or a billing glitch), both could try to create the same server simultaneously and cause errors or duplicate entries.

Some issues are catched from the Pterodactyl panel directly, however Pterodactyl does NOT guarantee it will stay like that forever, and the code may change at any time.
Overall the SSO implementation is particularly concerning, transmitting secrets via GET parameters is a basic security mistake that exposes credentials to anyone with access to server logs or network traffic.
Top