1. Pick the right jar

There's only one jar, georestrict-2.0.0.jar. The same file works on:

Where you install it matters. On a proxied network, the proxy is usually the cleanest place because it sees the original address and can stop the connection before a backend is chosen. Standalone servers can install it directly. A backend behind a proxy only works when IP forwarding is configured correctly.

2. Install

Bukkit / Paper / Folia / Spigot

shell
cd /path/to/server
cp georestrict-2.0.0.jar plugins/
./start.sh   # or systemctl restart minecraft

BungeeCord / Waterfall

shell
cd /path/to/proxy
cp georestrict-2.0.0.jar plugins/
./start.sh

Velocity

shell
cd /path/to/velocity
cp georestrict-2.0.0.jar plugins/
./start.sh

3. Verify the install

On startup you should see this in the console:

console
[GeoRestrict] GeoRestrict v2.0.0 starting...
[GeoRestrict] GeoRestrict enabled.

And a config file at plugins/GeoRestrict/config.yml (Bukkit) or plugins/GeoRestrict/config.yml (Bungee/Velocity).

4. Set up the Worker (recommended)

The default config points at the shared Worker at geoprotect.demonzdevelopment-e64.workers.dev. If you want the gateway under your own Cloudflare account:

  1. Fork or copy worker/src/index.js from this repo.
  2. Deploy it: npx wrangler deploy in the worker/ directory.
  3. Set GATEWAY_TOKENS as a Worker secret.
  4. Update gatewayUrl and gatewayToken in your plugin config.
If you set GATEWAY_TOKENS on the Worker, requests without a matching gatewayToken are rejected with HTTP 401. The default config has an empty token — leave it that way when using the public Worker, or set one to lock down your private one.

Updating

Replace the jar and restart. Missing config keys are merged with documented defaults while your existing values are kept. configVersion tracks the file schema, not the plugin release.

Uninstalling

Delete the jar, delete plugins/GeoRestrict/, restart. Nothing is written outside that directory.