Skip to main content

🛜 Self hosting

Self hosting runs a small HTTP server inside your Minecraft server that serves the resource pack directly. Free, zero external services, and perfect for small servers and development. Not recommended for large player counts unless you have ample upload bandwidth.

Configuration​

YAML
resource-pack:  delivery:    hosting:      - type: "self"-       ip: "localhost"+       ip: "Your Server IP" # e.g. 111.222.333.444, or "auto"        port: 8163        protocol: "http"        # Block requests from non-Minecraft clients (checks User-Agent header)        deny_non_minecraft_request: true        # Generate single-use, time-limited download links        one_time_token: true        # Enhanced validation for token and Minecraft-only check.        # Do NOT enable on offline-mode servers.        strict_validation: false        rate_limiting:          max_bandwidth_per_second: 5_000_000   # 5 MB/s total upload cap          min_download_speed_per_player: 50_000  # 50 KB/s per-player floor          qps_per_ip: 5/60                       # 5 requests per 60 seconds per IP

Field Reference​

FieldDefaultDescription
ip"auto"IP the HTTP server binds to. "auto" detects the public IP via Cloudflare trace. Set "127.0.0.1" or "0.0.0.0" to bind locally.
port"auto"Port the HTTP server listens on. "auto" shares the Minecraft server port (piggybacks on its Netty pipeline). Set a number (e.g. 8163) for a dedicated port.
url(auto)If set, overrides the auto-generated URL sent to clients. See below. Must start with http:// or https://. Trailing / auto-appended.
protocol"http"Protocol for the auto-generated URL. Ignored when url is set.
deny_non_minecraft_requesttrueRejects requests whose User-Agent doesn't start with Minecraft Java/.
one_time_tokentrueAppends a unique ?token= to each player's download URL. Tokens expire after 1 minute and are single-use.
strict_validationfalseBinds the token to the player's UUID via the X-Minecraft-UUID header. Do not enable on offline-mode servers.
rate_limiting.*—IP-based rate limiting.

When the public address differs from the bind address​

By default, the download URL sent to players is auto-built from ip, port, and protocol:

http://111.222.333.444:8163/download

When the internal bind address differs from what players should use — a reverse proxy, a CDN, or VPS NAT where the public IP and port don't match the internal ones — set url to override it:

url: "https://real-public-address/"

This produces https://real-public-address/download (with optional ?token=...). Two common scenarios:

Reverse proxy — nginx, Caddy, or HAProxy sits in front, handles TLS, and forwards to the internal HTTP server.

VPS with NAT / port mapping — the server's internal IP and port differ from the public ones (common with cloud providers).

- type: "self"
ip: "127.0.0.1"
port: 8163
url: "https://real-public-address/"
deny_non_minecraft_request: false
strict_validation: false
caution

Do not use https in url or protocol without a valid SSL certificate, or players will fail to download the resource pack.