A webhook is sort of a “reverse API”: rather than an application you own (like a bot) calling another application to receive data when it wants it, a webhook is something you can give to someone else's application to send data to you directly as soon as there’s something to share. This makes the process very convenient and efficient for both providers and users.
Now let’s apply this definition to a more tangible example. Let’s say you aren’t around to reply to new e-mails for a while. Through the power of webhooks you could have a setup that replies automatically! When an event happens on a service (like receiving an email), that service activates your webhook and sends you the data relevant to the event that happened. That way, you have exactly the information you need to automatically reply to each new e-mail you receive.
So what does this mean for your server? Basically, Discord provides you with the ability to have a webhook that sends a message to your server when it’s activated, with the option to send the message to any channel along with having a cool name and avatar of your choice.
For example, let’s say you’re waiting for the latest chapter of your favorite webcomic series to release. You can set up a webhook that’s connected with an RSS feed. The feed will activate the webhook when the chapter is released and a message will be posted on your server to notify you about it. This can be applied to many different things - the potential is limitless!
If the service is capable of sending JSON Webhooks, Discord can often use these to create visually appealing embeds when it sends a message out. However, it can also accept raw text messages to pass along as well.
Webhooks are a great tool for services that have events that you’re interested in latching onto. This can be incredibly useful for Content Creator communities where their latest YouTube videos or Twitter posts can be funneled into channels for followers to have easy viewing access in your Discord community. You could also use this for a community that’s oriented towards an open-source technology by having events from GitHub be submitted directly to your server for people to keep track of.
There are a lot of platforms out there that provide you with the ability to handle everything by yourself- from creating the Webhook through your Discord Server Settings to plugging it into the platform you want updates from. However, this often requires you to be more familiar with at least some level of programming as many of these platforms require developer accounts. There can be a few hoops to jump through to get everything set up just right. This can often turn people off from using these types of webhooks.
However, times are changing and the barrier to entry when dabbling into the world of webhooks is much lower. These days, multiple third-party services exist that have handled all the hard techy stuff for you. They can interface with the platforms that would normally require you to do extra work to get the data you want. IFTTT and Zapier are two such services that lets you plug-and-play several useful platforms directly into your Discord server through a clean web interface that allows you to customize the type of data your webhook receives, and thus what messages are sent to your server. Just keep in mind that some services have restrictions on how many events can be sent to one webhook, so you may have to create multiple distinct webhooks for multiple functionalities. Note that these options and restrictions are entirely platform-dependent. Discord has no problems handling whatever data is thrown at its webhooks when activated, even if it’s from different sources.
There’s another use-case for Webhooks that is more unique. While they’re very useful for automated messages, they’re also great for one-off embed messages that have a very polished look! You have the ability to customize the name and the avatar of the webhook, but if you’re technologically-inclined you can create your own JSON data to activate the webhook with. This allows you to fully define the aesthetics of an embed in your message, giving a clean look to whatever information you’re sending. One possible application is nice formatting for your server rules and information, rather than just sending multiple plain text messages.
Of course, there are other possible uses, the only limit is your creativity! If you’re not too keen on developing JSON data by hand, or have no idea what a “JSON” is, services like Discohook also make it easy for anyone to take advantage of this use case. As a note, the websites linked here are not endorsed by Discord and are only a suggestion from the authors of the article.
The process of setting up webhooks can be roughly explained in five simple steps!
Step 1: In your Discord server, you will need to create a webhook and copy the webhook URL. This URL is the path for your webhook to receive an HTTP POST request from a service when an event occurs.
Step 2: From this menu, you have the ability to style your webhook with a name and avatar. We recommend at least a name to distinguish its purpose.
Step 3: If you’re using a third-party service to handle events or send messages, plug your webhook URL into the service and configure the type of events that the service should trigger for.
Step 4: If your third-party service allows you to, configure additional options that will change the look and content of your message to the way you like.
Step 5: Now that you’ve created the connection, when the event happens, the data will be sent directly to Discord and your webhook will post a message in your preferred channel!
*Unless you are using the channel description for verification instructions rather than an automatic greeter message.
If you want to use the remove unverified role method, you will need a bot that can automatically assign a role to a user when they join.
Once you decide whether you want to add or remove a role, you need to decide how you want that action to take place. Generally, this is done by typing a bot command in a channel, typing a bot command in a DM, or clicking on a reaction. The differences between these methods are shown below.
In order to use the command in channel method, you will need to instruct your users to remove the Unverified role or to add the Verified role to themselves.
We’ve been talking about embeds a lot, but we haven’t quite explained what they are yet! In simple terms, embedding refers to the integration of links, images, GIFs, videos and other forms of content into messages on social media. An embed itself is a part of the message that visually represents content in order to increase engagement.
As a user of Discord, you have probably seen embeds more than a few times. They often are created automatically by Discord when a user sends a link, such as allowing you to view a YouTube video within Discord when a YouTube URL is shared. But did you know that Discord Bots and Webhooks can create their own embeds with all kinds of data? They’re pretty flexible! They can have colored borders, images, text fields, and other kinds of fancy properties.
If you're a developer, the options available to you to create a good-looking embed are powerful and versatile. For non-developers, platforms may give you visualizations that help you plug-and-play data into a website for customization purposes. There are also online tools to help you do this too!
Here are several of those properties that can be modified in an embed in order to style it, to give you an idea of what’s possible when you have the ability to style your messages:
Markdown is also supported in an embed. Here is an image to showcase an example of these properties:
Example image to showcase the elements of an embed
An important thing to note is that embeds also have their limitations, which are set by the API. Here are some of the most important ones you need to know:
An important thing to note is that embeds also have their limitations, which are set by the API. Here are some of the most important ones you need to know:
If you feel like experimenting even further you should take a look at the full list of limitations provided by Discord here.
It’s very important to keep in mind that when you are writing an embed, it should be in JSON format. Some bots even provide an embed visualizer within their dashboards. You can also use this embed visualizer tool which provides visualization for bot and webhook embeds.
There are several benefits to using webhooks in your community including simplicity, versatility, automation, customization, and accessibility.
Simplicity. Webhooks are straightforward and lacking in complexity. They have a single function, which is to send a designated message when they are activated.
Versatility. Webhooks have many different use cases, all stemming from being able to send a message upon activation. This allows for many types of automation powered by other services, or allows you to send clean looking messages manually. Both of these setups have their own various uses ranging from posting updates and logging to posting custom messages for an aesthetic purpose.
Automation. With webhooks, there isn’t a need to constantly look for updates and post them yourself. Once set up, a webhook will automatically post any updates you need.
Customization. Each webhook can have a unique name and avatar, and each message it sends can be unique as well. You can have multiple webhooks with different looks in different channels and use each of them however you like.
Accessibility. Once you create a webhook, all you need is its URL and a website that will push messages. Since these webhooks are hosted on Discord, they don’t need to be hosted like a normal bot, often saving moderation teams from encountering a financial investment to use them, and making them more easily available to all users.
Webhooks and bots, while having slight similarities, are actually very different from each other. There are several aspects we have to look at when comparing the two:
Even though this comparison is important for better understanding of both bots and webhooks, it does not mean you should limit yourself to only picking one or the other. Sometimes, bots and webhooks work their best when working together. It’s not uncommon for bots to use webhooks for logging purposes or to distinguish notable messages with a custom avatar and name for that message. Both tools are essential for a server to function properly and make for a powerful combination.
*Unconfigurable filters, these will catch all instances of the trigger, regardless of whether they’re spammed or a single instance
**Gaius also offers an additional NSFW filter as well as standard image spam filtering
***YAGPDB offers link verification via google, anything flagged as unsafe can be removed
****Giselle combines Fast Messages and Repeated Text into one filter
Anti-Spam is integral to running a large private server, or a public server. Spam, by definition, is irrelevant or unsolicited messages. This covers a wide base of things on Discord, there are multiple types of spam a user can engage in. The common forms are listed in the table above. The most common forms of spam are also very typical of raids, those being Fast Messages and Repeated Text. The nature of spam can vary greatly but the vast majority of instances involve a user or users sending lots of messages with the same contents with the intent of disrupting your server.
There are subsets of this spam that many anti-spam filters will be able to catch. If any of the following: Mentions, Links, Invites, Emoji, and Newline Text are spammed repeatedly in one message or spammed repeatedly across several messages, they will provoke most Repeated Text and Fast Messages filters appropriately. Subset filters are still a good thing for your anti-spam filter to contain as you may wish to punish more or less harshly depending on the spam. Namely, Emoji and Links may warrant separate punishments. Spamming 10 links in a single message is inherently worse than having 10 emoji in a message.
Anti-spam will only act on these things contextually, usually in an X in Y fashion where if a user sends, for example, 10 links in 5 seconds, they will be punished to some degree. This could be 10 links in one message, or 1 link in 10 messages. In this respect, some anti-spam filters can act simultaneously as Fast Messages and Repeated Text filters.
Sometimes, spam may happen too quickly for a bot to catch up. There are rate limits in place to stop bots from harming servers that can prevent deletion of individual messages if those messages are being sent too quickly. This can often happen in raids. As such, Fast Messages filters should prevent offenders from sending messages; this can be done via a mute, kick or ban. If you want to protect your server from raids, please read on to the Anti-Raid section of this article.
Text filters allow you to control the types of words and/or links that people are allowed to put in your server. Different bots will provide various ways to filter these things, keeping your chat nice and clean.
*Defaults to banning ALL links
**YAGPDB offers link verification via google, anything flagged as unsafe can be removed
***Setting a catch-all filter with carl will prevent link-specific spam detection
A text filter is integral to a well moderated server. It’s strongly, strongly recommended you use a bot that can filter text based on a blacklist. A Banned words filter can catch links and invites provided http:// and https:// are added to the word blacklist (for all links) or specific full site URLs to block individual websites. In addition, discord.gg can be added to a blacklist to block ALL Discord invites.
A Banned Words filter is integral to running a public server, especially if it’s a Partnered, Community or Verified server, as this level of auto moderation is highly recommended for the server to adhere to the additional guidelines attached to it. Before configuring a filter, it’s a good idea to work out what is and isn’t ok to say in your server, regardless of context. For example, racial slurs are generally unacceptable in almost all servers, regardless of context. Banned word filters often won’t account for context, with an explicit blacklist. For this reason, it’s also important a robust filter also contains whitelisting options. For example, if you add the slur ‘nig’ to your filter and someone mentions the country ‘Nigeria’ they could get in trouble for using an otherwise acceptable word.
Filter immunity may also be important to your server, as there may be individuals who need to discuss the use of banned words, namely members of a moderation team. There may also be channels that allow the usage of otherwise banned words. For example, a serious channel dedicated to discussion of real world issues may require discussions about slurs or other demeaning language, in this exception channel based Immunity is integral to allowing those conversations.
Link filtering is important to servers where sharing links in ‘general’ chats isn’t allowed, or where there are specific channels for sharing such things. This can allow a server to remove links with an appropriate reprimand without treating a transgression with the same severity as they would a user sending a racial slur.
Whitelisting/Blacklisting and templates for links are also a good idea to have. While many servers will use catch-all filters to make sure links stay in specific channels, some links will always be malicious. As such, being able to filter specific links is a good feature, with preset filters (Like the google filter provided by YAGPDB) coming in very handy for protecting your user base without intricate setup however, it is recommended you do configure a custom filter to ensure specific slurs, words etc. that break the rules of your server, aren’t being said.
Invite filtering is equally important in large or public servers where users will attempt to raid, scam or otherwise assault your server with links with the intention of manipulating your user base to join or where unsolicited self-promotion is potentially fruitful. Filtering allows these invites to be recognized, and dealt with more harshly. Some bots may also allow by-server white/blacklisting allowing you to control which servers are ok to share invites to, and which aren’t. A good example of invite filtering usage would be something like a partners channel, where invites to other, closely linked, servers are shared. These servers should be added to an invite whitelist to prevent their deletion.
Raids, as defined earlier in this article, are mass-joins of users (often selfbots) with the intent of damaging your server. There are a few methods available to you in order for you to protect your community from this behavior. One method involves gating your server with verification appropriately, as discussed in DMA 301.You can also supplement or supplant the need for verification by using a bot that can detect and/or prevent damage from raids.
*Unconfigurable, triggers raid prevention based on user joins & damage prevention based on humanly impossible user activity. Will not automatically trigger on the free version of the bot.
Raid detection means a bot can detect the large number of users joining that’s typical of a raid, usually in an X in Y format. This feature is usually chained with Raid Prevention or Damage Prevention to prevent the detected raid from being effective, wherein raiding users will typically spam channels with unsavoury messages.
Raid-user detection is a system designed to detect users who are likely to be participating in a raid independently of the quantity of frequency of new user joins. These systems typically look for users that were created recently or have no profile picture, among other triggers depending on how elaborate the system is.
Raid prevention stops a raid from happening, either by Raid detection or Raid-user detection. These countermeasures stop participants of a raid specifically from harming your server by preventing raiding users from accessing your server in the first place, such as through kicks, bans, or mutes of the users that triggered the detection.
Damage prevention stops raiding users from causing any disruption via spam to your server by closing off certain aspects of it either from all new users, or from everyone. These functions usually prevent messages from being sent or read in public channels that new users will have access to. This differs from Raid Prevention as it doesn’t specifically target or remove new users on the server.
Raid anti-spam is an anti spam system robust enough to prevent raiding users’ messages from disrupting channels via the typical spam found in a raid. For an anti-spam system to fit this dynamic, it should be able to prevent Fast Messages and Repeated Text. This is a subset of Damage Prevention.
Raid cleanup commands are typically mass-message removal commands to clean up channels affected by spam as part of a raid, often aliased to ‘Purge’ or ‘Prune’.It should be noted that Discord features built-in raid and user bot detection, which is rather effective at preventing raids as or before they happen. If you are logging member joins and leaves, you can infer that Discord has taken action against shady accounts if the time difference between the join and the leave times is extremely small (such as between 0-5 seconds). However, you shouldn’t rely solely on these systems if you run a large or public server.
Messages aren’t the only way potential evildoers can present unsavoury content to your server. They can also manipulate their Discord username or Nickname to cause trouble. There are a few different ways a username can be abusive and different bots offer different filters to prevent this.
*Gaius can apply same blacklist/whitelist to names as messages or only filter based on items in the blacklist tagged %name
**YAGPDB can use configured word-list filters OR a regex filter
Username filtering is less important than other forms of auto moderation, when choosing which bot(s) to use for your auto moderation needs, this should typically be considered last, since users with unsavory usernames can just be nicknamed in order to hide their actual username.
Thanks to their simplicity and accessibility, webhooks have become a staple in many communities. Despite their limitations and lack of functions compared to bots, they’re still very useful and play an important role in the automation and decoration of your server. Overall, webhooks are a great tool for pushing various messages, with limitless customization opportunities. Ultimately, the choice of using them depends solely on your needs and preferences.
One additional component not included in the table is the effects of implementing a verification gate. The ramifications of a verification gate are difficult to quantify and not easily summarized. Verification gates make it harder for people to join in the conversation of your server, but in exchange help protect your community from trolls, spam bots, those unable to read your server’s language, or other low intent users. This can make administration and moderation of your server much easier. You’ll also see that the percent of people that visit more than 3 channels increases as they explore the server and follow verification instructions, and that percent talked may increase if people need to type a verification command.
However, in exchange you can expect to see server leaves increase. In addition, total engagement on your other channels may grow at a slower pace. User retention will decrease as well. Furthermore, this will complicate the interpretation of your welcome screen metrics, as the welcome screen will need to be used to help people primarily follow the verification process as opposed to visiting many channels in your server. There is also no guarantee that people who send a message after clicking to read the verification instructions successfully verified. In order to measure the efficacy of your verification system, you may need to use a custom solution to measure the proportion of people that pass or fail verification.
Take the Discord Moderator Exam!Take the Exam