Article Hero
How-To7 minutes read
September 2, 2023
  • telegram
  • facebook
  • twitter
  • github

Discord Privacy, Security… and If All Else Fails, How to Delete a Discord Server

Setting up a Discord server with privacy and security in mind is critical. In 2021, the amount of phishing, hacking, and spamming reached record levels. A combination of pandemic boredom, opportunistic scumbags, and cheaper Cloud resources has resulted in a major headache for users and server administrators who just want to get on with their online lives.

This article will cover how to set up a secure Discord server, how to protect user privacy, how to recover from major setbacks, and finally how to delete a Discord server if necessary.


Using a Discord Server Template

One of the easiest ways to set up a functional server is to use a Discord server template. The support pages provide full instructions on how to create or apply a Discord server template. By using a known-secure template, a server owner can clone all of the categories, channels, roles, and permissions. This saves a lot of setup time.

A quite popular Discord server template with simplified moderation roles is the Advanced Private Server template. Once the server owner gets a hang of things, they can create new roles based on Member status, adding and subtracting permissions from that baseline.

The website discord.style has tons of options to choose from, but be aware that the more complex the template, the more time it will take to examine each and every role, channel, and category to make sure that the permissions make sense.

Basic Discord Server Security Measures

There are many decisions to be made about how users are validated, how moderation is handled, and who gets what permissions. But there is one vital step that gets ignored far too often: Always set up two-factor authentication on the server owner's account! There should be no exception to this rule. Among other things, two-factor authentication helps to prevent the hacking of the server owner's account (and thus the Owner's role) on the Discord server. It also provides an extra sanity step for the accident-prone… which can mean the difference between being asked to enter a six-digit number to confirm a destructive action, and accidentally deleting the entire server.

Other than 2FA on the owner's account, there are a few security factors to consider:

Always tend towards giving fewer permissions to any new role. If a moderator finds themselves in need of higher access levels, they can ask the owner. But if someone accidentally misuses a command that they're unfamiliar with, or if an account gets hacked and it has a higher level of permissions than it should, regret will be the immediate result. Start with lower-level permissions, and slowly beef up the power of roles after fully understanding the consequences.

Set a verification level of 'Medium' or above. A five-minute wait time while a new user reads the rules, watches the introductory video, or observes the community's chat is a small price to pay. Many bots try to join a server and immediately spam out their messages, whisper users, and the like. Even a short wait time is all that's required to frustrate these efforts, allow for automated checks to be run, and wait for other servers that have lower verification requirements to report the malicious bot.

Consider setting two-factor authentication requirements for moderators. Enabling server-wide 2FA for moderation means that if a high-level account gets hacked, there's an extra layer of protection in place. Without access to the moderator's authentication app, the hacker won't have the ability to issue server-crippling and community-destroying commands. Discord's guide for 2FA is fairly comprehensive, check it out.

Privacy on Discord Servers

Similarly, privacy is a major concern for any online service that puts users into contact with one another. There's really no way to tell another user's true nature or intent, so setting up the Discord client and personal accounts to be private by default is a wise call.

But remember: Discord is not open source. It's proprietary. What's really going on behind the scenes can change from patch to patch. Luckily, it's popular enough that security and privacy advocates examine it on a regular basis. But there's always a risk. We'll go over more all-encompassing privacy options after covering the program and app-specific ones.

Most of these options are found under Settings for the desktop version of Discord, reachable via the cog icon in the lower-left next to the active user's name.

  • Activate the Hide Personal Informationoption under Streamer Mode. If streaming attracts a large number of trolls, consider also toggling the Hide Invite Linksoption.
  • Check the Authorized Appssection regularly, and deauthorize anything that no longer needs access.
  • Under Connectionsturn off any displays that might share personal information, such as the Display on profileoption that Twitch uses to share community information. Also, turn off Automatically detect accounts from other platforms on this computer.
  • Under Activity Status, disable Display current activity as a status message.
  • Under Privacy & Safety, disable Usе data to improve Discord, Allow Discord to track screen reader usage, and Use data to customize my Discord experience.

Clearly, there are a lot of potential ways to leak personal information to Discord or to other users if the wrong options are turned on. It might be wise to look at more extreme measures to protect personal information.

One such option is the Hoody privacy and security app. By accessing Discord from a web browser, a user can take full advantage of the information spoofing capabilities offered by Hoody. These include randomizing user settings and changing the web browser's fingerprint. Features such as these have been proven to increase anonymity. This is particularly useful when accessing strange or unknown Discord servers, particularly when a user has no desire to share any personal information with anybody on that server.

If the user wishes to establish a more permanent, more community-friendly account, they can specify this to Hoody and set up a standard set of user profile information (true or not) to be used every time the site is visited. Hoody can also provide censorship protection by spoofing the user's region of origin as needed.

Between the tips stated above and the option to use Hoody on the browser-based version of Discord, most basic and advanced user privacy concerns are covered.

Discord Servers - Disaster Recovery

One obvious step to take as a hedge against disaster is creating a Discord server template any time there is a major change to the categories, channels, roles, or permissions. This makes server recreation much smoother should something horrible happen to it.

There are bots available that can create a backup of Discord servers. But as these aren't official functions of Discord, who knows what information is really being gathered and stored. These bots require a lot of different permissions in order to function properly (and given that the software isn't open-source, even an official bot would be suspect).

Of the bots that provide such a function, Xenon is the most popular. But again, there is no way to fully assess or accurately endorse the privacy or security of such a thing. So let the owner beware.

Should something destructive happen to a Discord server and it cannot be properly recovered, perhaps starting from scratch with the chosen Discord server template is the best option. If that's the case, the owner is going to have to learn how to delete a Discord server.

How to Delete a Discord Server

If all else fails, or if the experiment has simply run its course, the user may wish to know how to delete a Discord server. The method is slightly different depending on whether the desktop program or the mobile app is being used.

On the desktop program:

  1. Open Discord.
  2. Click on the server that will be deleted.
  3. Click on the down arrow at the top of the channel list and click Server Settings.
  4. At the bottom of the menu options, click on Delete Server.
  5. Enter the exact server name, including caps / lowercase / symbols / spaces.
  6. Click Delete Server.
  7. Go into the authenticator app (Google Authenticator, etc.) to get the server's code.
  8. Enter the six-digit auth code, then click Delete Server.

On the mobile app:

  1. Open Discord.
  2. Tap on the server that will be deleted.
  3. Swipe right to open the server submenu.
  4. Tap the server name at the top of the screen.
  5. Tap the cog icon to enter Settings.
  6. Tap the three vertical dots in the upper right-hand corner.
  7. Tap on Delete Server.
  8. Tap Delete.
  9. Go into the authenticator app (Google Authenticator, etc.) to get the server's code.
  10. Enter the six-digit auth code, then click Delete Server.

Once a Discord server is deleted, there's no going back. It needs to be recreated from scratch, and new invitations sent out to the community members.

Why Discord Alternatives Are So Difficult to Consider

Many people see Discord as a threat to privacy, even with all of the precautions that users can take (listed above). That's because some of the default policies stated in their Privacy Policy allow for data collection that cannot be turned off:

When you interact with us through the Services, we receive and store certain information such as an IP address, device ID, and your activities within the Services. We may store such information or such information may be included in databases owned and maintained by affiliates, agents, or service providers. The Services may use such information and pool it with other information to track, for example, the total number of visitors to our Site, the number of messages users have sent, as well as the sites which refer visitors to Discord.

And the information they collect can be freely shared with their affiliates and partners:

In an ongoing effort to better understand and serve the users of the Services, we may conduct research on our customer demographics, interests, and behavior based on the information collected. This research may be compiled and analyzed on an aggregate basis, and we may share this aggregate data with our affiliates, agents, and business partners. We may also disclose aggregated user statistics in order to describe our services to current and prospective business partners, and to other third parties for other lawful purposes.

How do they use the collected information?

The Company and its subsidiaries and affiliates (the “Related Companies”) may also use your information collected through the Services to help us improve the content and functionality of the Services, to better understand our users, and to improve the Services. The Company and its affiliates may use this information to contact you in the future to tell you about services we believe will be of interest to you. If we do so, each marketing communication we send you will contain instructions permitting you to "opt-out" of receiving future marketing communications.

Finally, Discord simply ignores Do Not Track:

Our Services currently do not respond to “Do Not Track” (DNT) signals and operate as described in this Privacy Policy whether or not a DNT signal is received, as there is no consistent industry standard for compliance.

But there's a reason it's such a popular piece of software. To replace Discord's functionality at the level of quality they've managed to achieve would take a combination of two to three different open source options, none of which have the kind of popularity or concentrated user base that Discord has (at least as of Q3 2021). And with anything having to do with social interaction, attracting a broad audience is key.

So for many people who take advantage of the full gamut of Discord's services, the best compromise is to use the web version of the program in conjunction with Hoody, rather than try to replace everything piece by piece.

Conclusion

After using a reliable Discord server template, customizing the server's roles, and following all of the privacy and security suggestions above, there's not much more that can be done within the core software to enhance privacy and security. Users will need to turn to third-party utilities to achieve a decent level of personal reassurance when using Discord. Given their broad data collection and usage policies, obfuscating even the most common categories of personal data may be in the user's best interest.

Will R
Hoody Editorial Team

Will is a former Silicon Valley sysadmin and award-winning non-functional tester. After 20+ years in tech, he decided to share his experience with the world as a writer. His recent work involves documenting government hacking methods while probing the current state of privacy and security on the Internet.

Latest


Blog
Timer7 minutes read

How the Government Hacks You, Final Chapter: IoT Hacks

Chapter 14: IoT Hacks

Will R
6 months ago
Blog
Timer9 minutes read

How the Government Hacks You, Chapter 13: GPS Tracking

Dive into the unsettling world of government-controlled GPS tracking!

Will R
6 months ago
Blog
Timer7 minutes read

How the Government Hacks You, Chapter 12: Garbage Day

Trash Talk: How your garbage can be exploited by hackers, law enforcement, and government agencies

Will R
7 months ago
Blog
Timer8 minutes read

How the Government Hacks You, Chapter 11: Resonance Attacks

It’s time to uncover how government surveillance gets personal.

Will R
7 months ago

Bulletproof privacy in one click

Discover the world's #1 privacy solution

  • Chrome Icon
  • Brave Icon
  • Edge Icon
  • Chromium Icon
  • Coming soon

    Firefox Icon
  • Coming soon

    Safari Icon
  • Coming soon

    Opera Icon

No name, no email, no credit card required

Create Key