Correcting Kick Errors on Bukkit-based platforms (#84 )

* Forcing BukkitPlayer#kickPlayer to always run within a main thread context using BukkitRunnable. Bumping version to 1.10.1 * Fixing async kick error, adding condition that allows players to be whitelisted even while they are offline (assuming this is not a cracked server). * Updating gradle piplines and files * correcting startup bug as a result of a packaging issue * Fixing asynchronous run command * Adds a regression test to ensure this doesnt happen again
Revert "Adding postgres"
2026-05-31 17:31:55 +00:00 · 2026-04-28 21:30:35 -04:00 · 2026-04-17 09:43:56 -04:00 · 2026-04-10 13:46:57 -04:00 · 2026-04-08 21:29:37 -04:00 · 2026-04-08 15:27:06 -04:00
166 changed files with 18299 additions and 1321 deletions
@@ -0,0 +1,34 @@
+---
+name: Bug report
+about: Create a bug report that will allow us to fix any unexpected behavior
+title: "[BUG]"
+labels: ''
+assignees: ''
+
+---
+
+**Describe the bug**
+A clear and concise description of what the bug is.
+
+**To Reproduce**
+Steps to reproduce the behavior:
+1. Go to '...'
+2. Click on '....'
+3. Scroll down to '....'
+4. See error
+
+**Expected behavior**
+A clear and concise description of what you expected to happen.
+
+**Screenshots**
+If applicable, add screenshots to help explain your problem.
+
+**What instance are you running KauriVPN on?**
+*Put an 'x' in the brackets to check it*
+- [ ] Velocity
+- [ ] Bukkit/Spigot
+- [ ] Bungeecord
+
+
+**Additional context**
+Add any other context about the problem here.
@@ -0,0 +1,20 @@
+---
+name: Feature request
+about: Suggest an idea you would like added
+title: "[FEATURE] "
+labels: enhancement
+assignees: ''
+
+---
+
+**Is your feature request related to a problem? Please describe.**
+A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
+
+**Describe the solution you'd like**
+A clear and concise description of what you want to happen.
+
+**Describe alternatives you've considered**
+A clear and concise description of any alternative solutions or features you've considered.
+
+**Additional context**
+Add any other context or screenshots about the feature request here.
@@ -0,0 +1,56 @@
+name: create-release.yml
+on:
+  workflow_dispatch:
+jobs:
+  build-and-release:
+    name: Build and Release
+    runs-on: ubuntu-latest
+    env:
+      JAVA_TOOL_OPTIONS: -Djavax.net.ssl.trustStoreType=JKS -Djavax.net.ssl.trustStore=/etc/ssl/certs/java/cacerts -Djavax.net.ssl.trustStorePassword=changeit
+    steps:
+      - uses: actions/checkout@v5
+      - name: Set up JDK 21
+        uses: actions/setup-java@v5
+        with:
+          java-version: '21'
+          distribution: 'zulu'
+      - name: Set up Gradle
+        uses: gradle/actions/setup-gradle@v4
+        with:
+          gradle-version: '9.4.1'
+      - name: Build
+        run: gradle build --no-daemon
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Get Version Number from Gradle
+        id: get_version
+        run: |
+          VERSION=$(gradle properties -q | awk -F': ' '/^version:/ {print $2; exit}')
+          echo "VERSION=$VERSION" >> "$GITHUB_ENV"
+      - name: Extract latest CHANGELOG entry
+        id: changelog
+        run: |
+          CHANGELOG_CONTENT=$(awk 'BEGIN {print_section=0;} /^## \[/ {if (print_section == 0) {print_section=1;} else {exit;}} print_section {print;}' CHANGELOG.md)
+          CHANGELOG_ESCAPED=$(echo "$CHANGELOG_CONTENT" | sed ':a;N;$!ba;s/\n/%0A/g')
+          echo "Extracted latest release notes from CHANGELOG.md:" 
+          echo -e "$CHANGELOG_CONTENT" 
+          echo "content=$CHANGELOG_ESCAPED" >> "$GITHUB_OUTPUT"
+      - name: Create Release
+        uses: actions/create-release@v1
+        id: create_release
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          tag_name: v${{ env.VERSION }}
+          release_name: Release v${{ env.VERSION }}
+          draft: false
+          prerelease: false
+          body: ${{ steps.changelog.outputs.content }}
+      - uses: actions/upload-release-asset@v1
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+        with:
+          upload_url: ${{ steps.create_release.outputs.upload_url }}
+          asset_path: ./build/libs/AntiVPN-${{ env.VERSION }}-universal.jar
+          asset_name: AntiVPN-v${{ env.VERSION }}.jar
+          asset_content_type: application/java-archive
@@ -0,0 +1,34 @@
+on:
+  push:
+    branches: [master]
+  pull_request:
+    branches: [master]
+  workflow_dispatch:
+ 
+jobs:
+  build:
+    name: Build and Test
+    runs-on: ubuntu-latest
+    env:
+      JAVA_TOOL_OPTIONS: -Djavax.net.ssl.trustStoreType=JKS -Djavax.net.ssl.trustStore=/etc/ssl/certs/java/cacerts -Djavax.net.ssl.trustStorePassword=changeit
+
+    steps:
+      - uses: actions/checkout@v5
+      - name: Set up JDK 21
+        uses: actions/setup-java@v5
+        with:
+          java-version: '21'
+          distribution: 'zulu'
+      - name: Set up Gradle
+        uses: gradle/actions/setup-gradle@v4
+        with:
+          gradle-version: '9.4.1'
+      - name: Build
+        run: gradle build -x test --no-daemon
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Upload AntiVPN
+        uses: actions/upload-artifact@v4
+        with:
+          name: AntiVPN-Universal
+          path: build/libs/AntiVPN-*-universal.jar
@@ -0,0 +1,50 @@
+on:
+  push:
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    env:
+      JAVA_TOOL_OPTIONS: -Djavax.net.ssl.trustStoreType=JKS -Djavax.net.ssl.trustStore=/etc/ssl/certs/java/cacerts -Djavax.net.ssl.trustStorePassword=changeit
+
+    steps:
+      - uses: actions/checkout@v5
+      - name: Set up JDK 21
+        uses: actions/setup-java@v5
+        with:
+          java-version: '21'
+          distribution: 'zulu'
+      - name: Set up Gradle
+        uses: gradle/actions/setup-gradle@v4
+        with:
+          gradle-version: '9.4.1'
+      - name: Build
+        run: gradle build -x test --no-daemon
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      - name: Upload AntiVPN
+        uses: actions/upload-artifact@v4
+        with:
+          name: AntiVPN-Universal
+          path: build/libs/AntiVPN-*-universal.jar
+
+  build-and-test:
+    runs-on: ubuntu-latest
+    env:
+      JAVA_TOOL_OPTIONS: -Djavax.net.ssl.trustStoreType=JKS -Djavax.net.ssl.trustStore=/etc/ssl/certs/java/cacerts -Djavax.net.ssl.trustStorePassword=changeit
+
+    steps:
+      - uses: actions/checkout@v5
+      - name: Set up JDK 21
+        uses: actions/setup-java@v5
+        with:
+          java-version: '21'
+          distribution: 'zulu'
+      - name: Set up Gradle
+        uses: gradle/actions/setup-gradle@v4
+        with:
+          gradle-version: '9.4.1'
+      - name: Build and Test
+        run: gradle build --no-daemon
+        env:
+          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -1,3 +1,179 @@
+# Created by https://www.toptal.com/developers/gitignore/api/windows,macos,linux,maven,java,intellij,eclipse,netbeans
+# Edit at https://www.toptal.com/developers/gitignore?templates=windows,macos,linux,maven,java,intellij,eclipse,netbeans
+
+### Eclipse ###
+.metadata
+bin/
+tmp/
+*.tmp
+*.bak
+*.swp
+*~.nib
+local.properties
+.settings/
+.loadpath
+.recommenders
+*.iml
+
+.idea/
+
+# External tool builders
+.externalToolBuilders/
+
+# Locally stored "Eclipse launch configurations"
+*.launch
+
+# PyDev specific (Python IDE for Eclipse)
+*.pydevproject
+
+# CDT-specific (C/C++ Development Tooling)
+.cproject
+
+# CDT- autotools
+.autotools
+
+# Java annotation processor (APT)
+.factorypath
+
+# PDT-specific (PHP Development Tools)
+.buildpath
+
+# sbteclipse plugin
+.target
+
+# Tern plugin
+.tern-project
+
+# TeXlipse plugin
+.texlipse
+
+# STS (Spring Tool Suite)
+.springBeans
+
+# Code Recommenders
+.recommenders/
+
+# Annotation Processing
+.apt_generated/
+.apt_generated_test/
+
+# Scala IDE specific (Scala & Java development for Eclipse)
+.cache-main
+.scala_dependencies
+.worksheet
+
+# Uncomment this line if you wish to ignore the project description file.
+# Typically, this file would be tracked if it contains build/dependency configurations:
+#.project
+
+### Eclipse Patch ###
+# Spring Boot Tooling
+.sts4-cache/
+
+### Intellij ###
+# Covers JetBrains IDEs: IntelliJ, RubyMine, PhpStorm, AppCode, PyCharm, CLion, Android Studio, WebStorm and Rider
+# Reference: https://intellij-support.jetbrains.com/hc/en-us/articles/206544839
+
+# User-specific stuff
+.idea/**/workspace.xml
+.idea/**/tasks.xml
+.idea/**/usage.statistics.xml
+.idea/**/dictionaries
+.idea/**/shelf
+
+# Generated files
+.idea/**/contentModel.xml
+
+# Sensitive or high-churn files
+.idea/**/dataSources/
+.idea/**/dataSources.ids
+.idea/**/dataSources.local.xml
+.idea/**/sqlDataSources.xml
+.idea/**/dynamic.xml
+.idea/**/uiDesigner.xml
+.idea/**/dbnavigator.xml
+
+# Gradle
+.idea/**/gradle.xml
+.idea/**/libraries
+
+# Gradle and Maven with auto-import
+# When using Gradle or Maven with auto-import, you should exclude module files,
+# since they will be recreated, and may cause churn.  Uncomment if using
+# auto-import.
+# .idea/artifacts
+# .idea/compiler.xml
+# .idea/jarRepositories.xml
+# .idea/modules.xml
+# .idea/*.iml
+# .idea/modules
+# *.iml
+# *.ipr
+
+# CMake
+cmake-build-*/
+
+# Mongo Explorer plugin
+.idea/**/mongoSettings.xml
+
+# File-based project format
+*.iws
+
+# IntelliJ
+out/
+
+# mpeltonen/sbt-idea plugin
+.idea_modules/
+
+# JIRA plugin
+atlassian-ide-plugin.xml
+
+# Cursive Clojure plugin
+.idea/replstate.xml
+
+# Crashlytics plugin (for Android Studio and IntelliJ)
+com_crashlytics_export_strings.xml
+crashlytics.properties
+crashlytics-build.properties
+fabric.properties
+
+# Editor-based Rest Client
+.idea/httpRequests
+
+# Android studio 3.1+ serialized cache file
+.idea/caches/build_file_checksums.ser
+
+### Intellij Patch ###
+# Comment Reason: https://github.com/joeblau/gitignore.io/issues/186#issuecomment-215987721
+
+# *.iml
+# modules.xml
+# .idea/misc.xml
+# *.ipr
+
+# Sonarlint plugin
+# https://plugins.jetbrains.com/plugin/7973-sonarlint
+.idea/**/sonarlint/
+
+# SonarQube Plugin
+# https://plugins.jetbrains.com/plugin/7238-sonarqube-community-plugin
+.idea/**/sonarIssues.xml
+
+# Markdown Navigator plugin
+# https://plugins.jetbrains.com/plugin/7896-markdown-navigator-enhanced
+.idea/**/markdown-navigator.xml
+.idea/**/markdown-navigator-enh.xml
+.idea/**/markdown-navigator/
+
+# Cache file creation bug
+# See https://youtrack.jetbrains.com/issue/JBR-2257
+.idea/$CACHE_FILE$
+
+# CodeStream plugin
+# https://plugins.jetbrains.com/plugin/12206-codestream
+.idea/codestream.xml
+
+### Java ###
 # Compiled class file
 *.class

@@ -12,6 +188,7 @@

 # Package Files #
 *.jar
+!gradle/wrapper/gradle-wrapper.jar
 *.war
 *.nar
 *.ear
@@ -22,8 +199,100 @@
 # virtual machine crash logs, see http://www.java.com/en/download/help/error_hotspot.xml
 hs_err_pid*

-# project stuff
-*.iml
-target/**
-out/**
-.idea/**
+### Linux ###
+*~
+
+# temporary files which can be created if a process still has a handle open of a deleted file
+.fuse_hidden*
+
+# KDE directory preferences
+.directory
+
+# Linux trash folder which might appear on any partition or disk
+.Trash-*
+
+# .nfs files are created when an open file is removed but is still being accessed
+.nfs*
+
+### macOS ###
+# General
+.DS_Store
+.AppleDouble
+.LSOverride
+
+# Icon must end with two \r
+Icon
+
+
+# Thumbnails
+._*
+
+# Files that might appear in the root of a volume
+.DocumentRevisions-V100
+.fseventsd
+.Spotlight-V100
+.TemporaryItems
+.Trashes
+.VolumeIcon.icns
+.com.apple.timemachine.donotpresent
+
+# Directories potentially created on remote AFP share
+.AppleDB
+.AppleDesktop
+Network Trash Folder
+Temporary Items
+.apdisk
+
+### Maven ###
+target/
+pom.xml.tag
+pom.xml.releaseBackup
+pom.xml.versionsBackup
+pom.xml.next
+release.properties
+dependency-reduced-pom.xml
+buildNumber.properties
+.mvn/timing.properties
+# https://github.com/takari/maven-wrapper#usage-without-binary-jar
+.mvn/wrapper/maven-wrapper.jar
+.flattened-pom.xml
+
+### NetBeans ###
+**/nbproject/private/
+**/nbproject/Makefile-*.mk
+**/nbproject/Package-*.bash
+build/
+nbbuild/
+dist/
+nbdist/
+.nb-gradle/
+
+### Windows ###
+# Windows thumbnail cache files
+Thumbs.db
+Thumbs.db:encryptable
+ehthumbs.db
+ehthumbs_vista.db
+
+# Dump file
+*.stackdump
+
+# Folder config file
+[Dd]esktop.ini
+
+# Recycle Bin used on file shares
+$RECYCLE.BIN/
+
+# Windows Installer files
+*.cab
+*.msi
+*.msix
+*.msm
+*.msp
+
+# Windows shortcuts
+*.lnk
+
+# End of https://www.toptal.com/developers/gitignore/api/windows,macos,linux,maven,java,intellij,eclipse,netbeans
+/.gradle/
+.grade/**
@@ -0,0 +1,27 @@
+plugins {
+    id 'com.gradleup.shadow'
+}
+
+evaluationDependsOn(':Bukkit:Plugin')
+
+dependencies {
+    compileOnly 'org.spigotmc:spigot-api:1.20.2-R0.1-SNAPSHOT'
+    compileOnly project(':Bukkit:Plugin')
+    implementation project(':Common:loader-utils')
+}
+
+shadowJar {
+    archiveClassifier.set('')
+
+    // Include the shaded plugin jar as a single resource file
+    from(project(':Bukkit:Plugin').tasks.shadowJar) {
+        rename { 'antivpn-bukkit.jarinjar' }
+    }
+}
+
+// Ensure the plugin is built before packaging the loader
+tasks.named('shadowJar') {
+    dependsOn(':Bukkit:Plugin:shadowJar')
+}
+
+tasks.build.dependsOn shadowJar
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bukkit.loader;
+
+import dev.brighten.antivpn.loader.JarInJarClassLoader;
+import dev.brighten.antivpn.loader.LoaderBootstrap;
+import org.bukkit.plugin.java.JavaPlugin;
+
+public class BukkitLoaderPlugin extends JavaPlugin {
+
+    private static final String JAR_NAME = "antivpn-bukkit.jarinjar";
+    private static final String SOURCE_NAME = "antivpn-source.jarinjar";
+    private static final String BOOTSTRAP_CLASS = "dev.brighten.antivpn.bukkit.BukkitPlugin";
+
+    private final LoaderBootstrap plugin;
+
+    public BukkitLoaderPlugin() {
+        JarInJarClassLoader loader = new JarInJarClassLoader(getClass().getClassLoader(), JAR_NAME, SOURCE_NAME);
+        this.plugin = loader.instantiatePlugin(BOOTSTRAP_CLASS, JavaPlugin.class, this);
+    }
+
+    @Override
+    public void onLoad() {
+        this.plugin.onLoad(getDataFolder());
+    }
+
+    @Override
+    public void onEnable() {
+        this.plugin.onEnable();
+    }
+
+    @Override
+    public void onDisable() {
+        this.plugin.onDisable();
+    }
+
+
+}
@@ -0,0 +1,6 @@
+name: KauriVPN
+main: dev.brighten.antivpn.bukkit.loader.BukkitLoaderPlugin
+version: ${project.version}
+author: funkemunky
+api-version: 1.13
+folia-supported: true
@@ -0,0 +1,27 @@
+plugins {
+    id 'com.gradleup.shadow'
+}
+
+dependencies {
+    compileOnly 'org.spigotmc:spigot-api:1.20.2-R0.1-SNAPSHOT'
+    implementation project(':Common:Source')
+    implementation project(':Common:loader-utils')
+    implementation 'org.bstats:bstats-bukkit:2.2.1'
+    testImplementation 'com.github.seeseemelk:MockBukkit-v1.20:3.84.0'
+    testImplementation 'com.github.ben-manes.caffeine:caffeine:3.1.8'
+    testImplementation 'org.mockito:mockito-core:5.11.0'
+    testImplementation 'org.mockito:mockito-subclass:5.11.0'
+    testImplementation 'org.mockito:mockito-junit-jupiter:5.11.0'
+}
+
+shadowJar {
+    archiveClassifier.set('')
+    relocate 'org.bstats', 'dev.brighten.antivpn.bukkit.org.bstats'
+}
+
+test {
+    useJUnitPlatform()
+    systemProperty 'mockito.mockmaker', 'subclass'
+}
+
+tasks.build.dependsOn shadowJar
@@ -0,0 +1,56 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bukkit;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.api.APIPlayer;
+import dev.brighten.antivpn.command.CommandExecutor;
+import lombok.RequiredArgsConstructor;
+import org.bukkit.ChatColor;
+import org.bukkit.command.CommandSender;
+import org.bukkit.entity.Player;
+
+import java.util.Optional;
+
+@RequiredArgsConstructor
+public class BukkitCommandExecutor implements CommandExecutor {
+
+    private final CommandSender sender;
+
+    @Override
+    public void sendMessage(String message, Object... objects) {
+        sender.sendMessage(ChatColor.translateAlternateColorCodes('&',
+                String.format(message, objects)));
+    }
+
+    @Override
+    public boolean hasPermission(String permission) {
+        return sender.hasPermission(permission);
+    }
+
+    @Override
+    public Optional<APIPlayer> getPlayer() {
+        if(!isPlayer()) return Optional.empty();
+
+        return AntiVPN.getInstance().getPlayerExecutor().getPlayer(((Player)sender).getUniqueId());
+    }
+
+    @Override
+    public boolean isPlayer() {
+        return sender instanceof Player;
+    }
+}
@@ -0,0 +1,120 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bukkit;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.api.APIPlayer;
+import dev.brighten.antivpn.api.OfflinePlayer;
+import dev.brighten.antivpn.api.VPNExecutor;
+import dev.brighten.antivpn.utils.StringUtil;
+import net.md_5.bungee.api.ChatColor;
+import org.bukkit.Bukkit;
+import org.bukkit.event.EventHandler;
+import org.bukkit.event.EventPriority;
+import org.bukkit.event.HandlerList;
+import org.bukkit.event.Listener;
+import org.bukkit.event.player.PlayerJoinEvent;
+import org.bukkit.event.player.PlayerLoginEvent;
+import org.bukkit.event.player.PlayerQuitEvent;
+import org.bukkit.scheduler.BukkitRunnable;
+
+import java.util.logging.Level;
+
+public class BukkitListener extends VPNExecutor implements Listener {
+
+    @Override
+    public void registerListeners() {
+        Bukkit.getPluginManager()
+                .registerEvents(this, BukkitPlugin.pluginInstance.getPlugin());
+    }
+
+    @Override
+    public void log(Level level, String log, Object... objects) {
+        Bukkit.getLogger().log(level, String.format(log, objects));
+    }
+
+    @Override
+    public void log(String log, Object... objects) {
+        log(Level.INFO, String.format(log, objects));
+    }
+
+    @Override
+    public void logException(String message, Throwable ex) {
+        Bukkit.getLogger().log(Level.SEVERE, message, ex);
+    }
+
+    @Override
+    public void runCommand(String command) {
+        new BukkitRunnable() {
+            public void run() {
+                Bukkit.getServer().dispatchCommand(Bukkit.getConsoleSender(),
+                        ChatColor.translateAlternateColorCodes('&', command));
+            }
+        }.runTask(BukkitPlugin.pluginInstance.getPlugin());
+    }
+
+    @Override
+    public void disablePlugin() {
+        HandlerList.unregisterAll(this);
+        Bukkit.getPluginManager().disablePlugin(BukkitPlugin.pluginInstance.getPlugin());
+    }
+
+    @EventHandler(priority = EventPriority.HIGH)
+    public void onLogin(final PlayerLoginEvent event) {
+        APIPlayer player = AntiVPN.getInstance().getPlayerExecutor().getPlayer(event.getPlayer().getUniqueId())
+                .orElse(new OfflinePlayer(
+                        event.getPlayer().getUniqueId(),
+                        event.getPlayer().getName(),
+                        event.getAddress()
+                ));
+
+        player.checkPlayer(result -> {
+            if(!result.resultType().isShouldBlock()) return;
+
+            if(!AntiVPN.getInstance().getVpnConfig().isKickPlayers()) {
+                return;
+            }
+
+            event.setResult(PlayerLoginEvent.Result.KICK_BANNED);
+            event.setKickMessage(switch (result.resultType()) {
+                case DENIED_COUNTRY -> StringUtil.varReplace(
+                        AntiVPN.getInstance().getVpnConfig().getCountryVanillaKickReason(),
+                        player,
+                        result.response()
+                );
+                case DENIED_PROXY ->
+                        StringUtil.varReplace(
+                                AntiVPN.getInstance().getVpnConfig().getKickMessage(),
+                                player,
+                                result.response()
+                        );
+                default -> "You were kicked by KauriVPN for an unknown reason!";
+            });
+        });
+    }
+
+    @EventHandler(priority = EventPriority.MONITOR, ignoreCancelled = true)
+    public void onJoin(final PlayerJoinEvent event) {
+        AntiVPN.getInstance().getPlayerExecutor().getPlayer(event.getPlayer().getUniqueId())
+                .ifPresent(APIPlayer::checkAlertsState);
+    }
+
+    @EventHandler
+    public void onQuit(PlayerQuitEvent event) {
+        AntiVPN.getInstance().getPlayerExecutor().unloadPlayer(event.getPlayer().getUniqueId());
+    }
+}
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bukkit;
+
+import dev.brighten.antivpn.api.APIPlayer;
+import org.bukkit.ChatColor;
+import org.bukkit.entity.Player;
+import org.bukkit.scheduler.BukkitRunnable;
+
+public class BukkitPlayer extends APIPlayer {
+
+    private final Player player;
+    public BukkitPlayer(Player player) {
+        super(player.getUniqueId(), player.getName(), player.getAddress() != null ? player.getAddress().getAddress() : null);
+
+        this.player = player;
+    }
+
+    @Override
+    public void sendMessage(String message) {
+        player.sendMessage(ChatColor.translateAlternateColorCodes('&', message));
+    }
+
+    @Override
+    public void kickPlayer(String reason) {
+        new BukkitRunnable() {
+            public void run() {
+                player.kickPlayer(ChatColor.translateAlternateColorCodes('&', reason));
+            }
+        }.runTask(BukkitPlugin.pluginInstance.getPlugin());
+    }
+
+    @Override
+    public boolean hasPermission(String permission) {
+        return player.hasPermission(permission);
+    }
+}
@@ -0,0 +1,66 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bukkit;
+
+import dev.brighten.antivpn.api.APIPlayer;
+import dev.brighten.antivpn.api.PlayerExecutor;
+import org.bukkit.Bukkit;
+import org.bukkit.entity.Player;
+
+import java.util.*;
+import java.util.stream.Collectors;
+
+public class BukkitPlayerExecutor implements PlayerExecutor {
+
+    private final Map<UUID, BukkitPlayer> cachedPlayers = new HashMap<>();
+
+    @Override
+    public Optional<APIPlayer> getPlayer(String name) {
+        final Player player = Bukkit.getPlayer(name);
+
+        if(player == null) {
+            return Optional.empty();
+        }
+
+        return Optional.of(cachedPlayers.computeIfAbsent(player.getUniqueId(), k -> new BukkitPlayer(player)));
+    }
+
+    @Override
+    public Optional<APIPlayer> getPlayer(UUID uuid) {
+        final Player player = Bukkit.getPlayer(uuid);
+
+        if(player == null) {
+            return Optional.empty();
+        }
+
+        return Optional.of(cachedPlayers.computeIfAbsent(player.getUniqueId(), k -> new BukkitPlayer(player)));
+    }
+
+    @Override
+    public void unloadPlayer(UUID uuid) {
+        cachedPlayers.remove(uuid);
+    }
+
+
+    @Override
+    public List<APIPlayer> getOnlinePlayers() {
+        return Bukkit.getOnlinePlayers().stream()
+                .map(pl -> cachedPlayers.computeIfAbsent(pl.getUniqueId(), k -> new BukkitPlayer(pl)))
+                .collect(Collectors.toList());
+    }
+
+}
@@ -0,0 +1,162 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bukkit;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.bukkit.command.BukkitCommand;
+import dev.brighten.antivpn.command.Command;
+import dev.brighten.antivpn.database.VPNDatabase;
+import dev.brighten.antivpn.database.local.H2VPN;
+import dev.brighten.antivpn.database.mongo.MongoVPN;
+import dev.brighten.antivpn.database.sql.MySqlVPN;
+import dev.brighten.antivpn.loader.LoaderBootstrap;
+import lombok.Getter;
+import org.bstats.bukkit.Metrics;
+import org.bstats.charts.SimplePie;
+import org.bukkit.Bukkit;
+import org.bukkit.command.SimpleCommandMap;
+import org.bukkit.event.HandlerList;
+import org.bukkit.plugin.SimplePluginManager;
+import org.bukkit.plugin.java.JavaPlugin;
+import org.bukkit.scheduler.BukkitRunnable;
+
+import java.io.File;
+import java.lang.reflect.Field;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.Map;
+
+public class BukkitPlugin implements LoaderBootstrap {
+
+    public static BukkitPlugin pluginInstance;
+    private SimpleCommandMap commandMap;
+    @Getter
+    private File dataFolder;
+    private final List<org.bukkit.command.Command> registeredCommands = new ArrayList<>();
+    @Getter
+    private final JavaPlugin plugin;
+
+    public BukkitPlugin(JavaPlugin plugin) {
+        this.plugin = plugin;
+    }
+
+    @Getter
+    private PlayerCommandRunner playerCommandRunner;
+
+    @Override
+    public void onLoad(File dataFolder) {
+        this.dataFolder = dataFolder;
+    }
+
+    public void onEnable() {
+        pluginInstance = this;
+
+        Bukkit.getLogger().info("Starting AntiVPN services...");
+        AntiVPN.start(new BukkitListener(), new BukkitPlayerExecutor(), getDataFolder());
+
+        playerCommandRunner = new PlayerCommandRunner();
+        playerCommandRunner.start();
+
+        // Loading our bStats metrics to be pushed to https://bstats.org
+        if(AntiVPN.getInstance().getVpnConfig().metrics()) {
+            Bukkit.getLogger().info("Starting bStats metrics...");
+            Metrics metrics = new Metrics(plugin, 12615);
+            metrics.addCustomChart(new SimplePie("database_used", this::getDatabaseType));
+            new BukkitRunnable() {
+                public void run() {
+                    AntiVPN.getInstance().checked = AntiVPN.getInstance().detections = 0;
+                }
+            }.runTaskTimerAsynchronously(plugin, 12000, 12000);
+        }
+
+        Bukkit.getLogger().info("Setting up and registering commands...");
+        // We need access to the commandMap to register our commands without using the "proper" method
+        if (Bukkit.getServer().getPluginManager() instanceof SimplePluginManager manager) {
+            try {
+                Field field = SimplePluginManager.class.getDeclaredField("commandMap");
+                field.setAccessible(true);
+                commandMap = (SimpleCommandMap) field.get(manager);
+            } catch (IllegalArgumentException | SecurityException | NoSuchFieldException | IllegalAccessException e) {
+                AntiVPN.getInstance().getExecutor().logException(e);
+            }
+        }
+
+        // Registering commands
+        for (Command command : AntiVPN.getInstance().getCommands()) {
+            // Wraps our general command API to Bukkit specific calls
+            BukkitCommand newCommand = new BukkitCommand(command);
+
+            // Adding to our own list for later referencing
+            registeredCommands.add(newCommand);
+
+            // This tells Bukkit to register our command for use.
+            commandMap.register(plugin.getName(), newCommand);
+        }
+
+        //TODO Finish system before implementing on startup
+        /*Bukkit.getLogger().info("Getting strings...");
+        AntiVPN.getInstance().getMessageHandler().initStrings(vpnString -> new ConfigDefault<>
+                (vpnString.getDefaultMessage(), "messages." + vpnString.getKey(), BukkitPlugin.pluginInstance)
+                .get());
+        AntiVPN.getInstance().getMessageHandler().reloadStrings();*/
+
+        plugin.reloadConfig();
+    }
+
+    @Override
+    @SuppressWarnings("unchecked")
+    public void onDisable() {
+        Bukkit.getLogger().info("Stopping plugin services...");
+        AntiVPN.getInstance().stop();
+        playerCommandRunner.stop();
+
+        Bukkit.getLogger().info("Unregistering commands...");
+        try {
+            Field field = SimpleCommandMap.class.getDeclaredField("knownCommands");
+            field.setAccessible(true);
+
+            if(field.get(commandMap) instanceof Map<?, ?> knownCommands) {
+                Map<String, org.bukkit.command.Command> casted = (Map<String, org.bukkit.command.Command>) knownCommands;
+                casted.values().removeAll(registeredCommands);
+                registeredCommands.clear();
+            }
+
+        } catch (IllegalAccessException | NoSuchFieldException e) {
+            AntiVPN.getInstance().getExecutor().logException(e);
+        }
+
+        Bukkit.getLogger().info("Unregistering listeners...");
+        HandlerList.unregisterAll(plugin);
+
+        Bukkit.getLogger().info("Cancelling any running tasks...");
+        Bukkit.getScheduler().cancelTasks(plugin);
+    }
+
+    private String getDatabaseType() {
+        VPNDatabase database = AntiVPN.getInstance().getDatabase();
+
+        if(database instanceof MySqlVPN) {
+            return "MySQL";
+        } else if(database instanceof H2VPN) {
+            return "H2";
+        } else if(database instanceof MongoVPN) {
+            return "MongoDB";
+        } else {
+            return "No-Database";
+        }
+    }
+}
@@ -0,0 +1,77 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bukkit;
+
+import dev.brighten.antivpn.utils.MiscUtils;
+import lombok.Data;
+import org.bukkit.Bukkit;
+import org.bukkit.scheduler.BukkitRunnable;
+
+import java.util.Queue;
+import java.util.UUID;
+import java.util.concurrent.ArrayBlockingQueue;
+import java.util.concurrent.Executors;
+import java.util.concurrent.ScheduledExecutorService;
+import java.util.concurrent.TimeUnit;
+
+public class PlayerCommandRunner {
+    private final ScheduledExecutorService executorService;
+    private final Queue<PlayerAction> playerActions = new ArrayBlockingQueue<>(10000);
+
+    public PlayerCommandRunner() {
+        executorService = Executors.newSingleThreadScheduledExecutor(
+                MiscUtils.createThreadFactory("AntiVPN:PlayerCommandRunner")
+        );
+    }
+
+    void start() {
+        executorService.scheduleAtFixedRate(() -> {
+            long currentTime = System.currentTimeMillis();
+            while(!playerActions.isEmpty()) {
+                PlayerAction action = playerActions.peek();
+
+                if(action == null) continue;
+
+                if(currentTime - action.start > 2000L || Bukkit.getPlayer(action.getUuid()) != null) {
+                    new BukkitRunnable() {
+                        public void run() {
+                            action.getAction().run();
+                        }
+                    }.runTask(BukkitPlugin.pluginInstance.getPlugin());
+
+                    playerActions.poll();
+                }
+            }
+        }, 1000, 100, TimeUnit.MILLISECONDS);
+    }
+
+    void stop() {
+        executorService.shutdown();
+        playerActions.clear();
+    }
+
+    void addAction(UUID uuid, Runnable action) {
+        playerActions.add(new PlayerAction(uuid, System.currentTimeMillis(), action));
+    }
+
+    @Data
+    static class PlayerAction {
+        private final UUID uuid;
+        private final long start;
+        private final Runnable action;
+    }
+}
@@ -0,0 +1,93 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bukkit.command;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.bukkit.BukkitCommandExecutor;
+import dev.brighten.antivpn.command.Command;
+import lombok.val;
+import net.md_5.bungee.api.ChatColor;
+import org.bukkit.command.CommandSender;
+
+import java.util.Arrays;
+import java.util.List;
+import java.util.stream.IntStream;
+
+public class BukkitCommand extends org.bukkit.command.Command {
+
+    private final Command command;
+    public BukkitCommand(Command command) {
+        super(command.name(), command.description(), command.usage(), Arrays.asList(command.aliases()));
+
+        this.command = command;
+    }
+
+    @Override
+    public List<String> tabComplete(CommandSender sender, String alias, String[] args)
+            throws IllegalArgumentException {
+        val children = command.children();
+
+        if(children.length > 0 && args.length > 0) {
+            for (Command child : children) {
+                if(child.name().equalsIgnoreCase(args[0])  || Arrays.stream(child.aliases())
+                        .anyMatch(alias2 -> alias2.equalsIgnoreCase(args[0]))) {
+                    return child.tabComplete(new BukkitCommandExecutor(sender), alias, IntStream
+                            .range(0, args.length - 1)
+                            .mapToObj(i -> args[i + 1]).toArray(String[]::new));
+                }
+            }
+        }
+        return command.tabComplete(new BukkitCommandExecutor(sender), alias, args);
+    }
+
+    @Override
+    public boolean execute(CommandSender sender, String s, String[] args) {
+        if(!sender.hasPermission("antivpn.command.*")
+                && !sender.hasPermission(command.permission())) {
+            sender.sendMessage(ChatColor.translateAlternateColorCodes('&',
+                    AntiVPN.getInstance().getMessageHandler().getString("no-permission").getMessage()));
+            return true;
+        }
+
+        val children = command.children();
+
+        if(children.length > 0 && args.length > 0) {
+            for (Command child : children) {
+                if(child.name().equalsIgnoreCase(args[0])  || Arrays.stream(child.aliases())
+                        .anyMatch(alias -> alias.equalsIgnoreCase(args[0]))) {
+                    if(!sender.hasPermission("antivpn.command.*")
+                            && !sender.hasPermission(child.permission())) {
+                        sender.sendMessage(ChatColor.translateAlternateColorCodes('&',
+                                AntiVPN.getInstance().getMessageHandler().getString("no-permission").getMessage()));
+                        return true;
+                    }
+
+                    sender.sendMessage(ChatColor.translateAlternateColorCodes('&',
+                            child.execute(new BukkitCommandExecutor(sender), IntStream
+                                    .range(0, args.length - 1)
+                                    .mapToObj(i -> args[i + 1]).toArray(String[]::new))));
+                    return true;
+                }
+            }
+        }
+
+        sender.sendMessage(ChatColor.translateAlternateColorCodes('&',
+                command.execute(new BukkitCommandExecutor(sender), args)));
+
+        return true;
+    }
+}
@@ -0,0 +1,200 @@
+package dev.brighten.antivpn.bukkit;
+
+import be.seeseemelk.mockbukkit.MockBukkit;
+import be.seeseemelk.mockbukkit.ServerMock;
+import be.seeseemelk.mockbukkit.entity.PlayerMock;
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.api.PlayerExecutor;
+import dev.brighten.antivpn.api.VPNConfig;
+import dev.brighten.antivpn.api.VPNExecutor;
+import dev.brighten.antivpn.message.MessageHandler;
+import dev.brighten.antivpn.message.VpnString;
+import dev.brighten.antivpn.web.objects.VPNResponse;
+import org.bukkit.event.player.PlayerLoginEvent;
+import org.bukkit.command.CommandSender;
+import org.bukkit.plugin.PluginDescriptionFile;
+import org.bukkit.plugin.java.JavaPlugin;
+import org.jetbrains.annotations.NotNull;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
+import java.lang.reflect.Field;
+import java.net.InetAddress;
+import java.util.Optional;
+import java.util.UUID;
+import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.ExecutorService;
+import java.util.concurrent.Executors;
+import java.util.concurrent.TimeUnit;
+import java.util.concurrent.atomic.AtomicBoolean;
+import java.util.concurrent.atomic.AtomicReference;
+
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.mockito.Mockito.*;
+
+public class BukkitListenerTest {
+
+    private ServerMock server;
+    private BukkitListener listener;
+    private VPNExecutor vpnExecutor;
+
+    @BeforeEach
+    public void setUp() throws Exception {
+        server = MockBukkit.mock(new RecordingServerMock());
+        JavaPlugin plugin = MockBukkit.loadWith(
+                TestPlugin.class,
+                new PluginDescriptionFile("AntiVPNTest", "1.0.0", TestPlugin.class.getName())
+        );
+        BukkitPlugin.pluginInstance = new BukkitPlugin(plugin);
+
+        AntiVPN antiVPN = mock(AntiVPN.class);
+        VPNConfig config = mock(VPNConfig.class);
+        PlayerExecutor playerExecutor = mock(PlayerExecutor.class);
+        vpnExecutor = mock(VPNExecutor.class);
+        MessageHandler messageHandler = mock(MessageHandler.class);
+        
+        when(antiVPN.getVpnConfig()).thenReturn(config);
+        when(antiVPN.getPlayerExecutor()).thenReturn(playerExecutor);
+        when(antiVPN.getExecutor()).thenReturn(vpnExecutor);
+        when(antiVPN.getMessageHandler()).thenReturn(messageHandler);
+        
+        when(playerExecutor.getPlayer(any(UUID.class))).thenReturn(Optional.empty());
+        when(config.getPrefixWhitelists()).thenReturn(java.util.Collections.emptyList());
+        when(config.getCountryList()).thenReturn(java.util.Collections.emptyList());
+        when(config.isKickPlayers()).thenReturn(true);
+        when(config.getKickMessage()).thenReturn("Blocked!");
+        
+        VpnString mockVpnString = mock(VpnString.class);
+        when(mockVpnString.getFormattedMessage(any())).thenReturn("Blocked!");
+        when(messageHandler.getString(anyString())).thenReturn(mockVpnString);
+        
+        when(vpnExecutor.checkIp(anyString())).thenReturn(CompletableFuture.completedFuture(
+                VPNResponse.builder().success(true).proxy(false).ip("127.0.0.1")
+                        .method("N/A").countryName("N/A").city("N/A").build()
+        ));
+        
+        // Use reflection to set the private static INSTANCE field
+        Field instanceField = AntiVPN.class.getDeclaredField("INSTANCE");
+        instanceField.setAccessible(true);
+        instanceField.set(null, antiVPN);
+        
+        listener = new BukkitListener();
+    }
+
+    @AfterEach
+    public void tearDown() throws Exception {
+        // Reset the singleton
+        Field instanceField = AntiVPN.class.getDeclaredField("INSTANCE");
+        instanceField.setAccessible(true);
+        instanceField.set(null, null);
+        BukkitPlugin.pluginInstance = null;
+        
+        MockBukkit.unmock();
+    }
+
+    @Test
+    public void testLoginEventAllowed() throws Exception {
+        PlayerMock player = server.addPlayer("TestPlayer");
+        InetAddress address = InetAddress.getByName("127.0.0.1");
+        
+        PlayerLoginEvent event = new PlayerLoginEvent(player, "localhost", address);
+        
+        listener.onLogin(event);
+        
+        assertEquals(PlayerLoginEvent.Result.ALLOWED, event.getResult());
+    }
+
+    @Test
+    public void testLoginEventBlocked() throws Exception {
+        PlayerMock player = server.addPlayer("ProxyPlayer");
+        InetAddress address = InetAddress.getByName("1.1.1.1");
+        
+        // Mock proxy response
+        when(vpnExecutor.checkIp("1.1.1.1")).thenReturn(CompletableFuture.completedFuture(
+                VPNResponse.builder().success(true).proxy(true).ip("1.1.1.1")
+                        .method("N/A").countryName("N/A").countryCode("N/A").city("N/A").build()
+        ));
+        
+        PlayerLoginEvent event = new PlayerLoginEvent(player, "localhost", address);
+        
+        listener.onLogin(event);
+        
+        assertEquals(PlayerLoginEvent.Result.KICK_BANNED, event.getResult());
+        assertEquals("Blocked!", net.kyori.adventure.text.serializer.legacy.LegacyComponentSerializer.legacySection().serialize(event.kickMessage()));
+    }
+
+    @Test
+    public void testLoginPipelineProxyPlayerIsKickedWithoutErrors() throws Exception {
+        PlayerMock player = server.addPlayer("PipelineProxyPlayer");
+        InetAddress address = InetAddress.getByName("1.1.1.1");
+
+        when(vpnExecutor.checkIp("1.1.1.1")).thenReturn(CompletableFuture.completedFuture(
+                VPNResponse.builder().success(true).proxy(true).ip("1.1.1.1")
+                        .method("N/A").countryName("N/A").countryCode("N/A").city("N/A").build()
+        ));
+
+        PlayerLoginEvent event = new PlayerLoginEvent(player, "localhost", address);
+
+        assertDoesNotThrow(() -> listener.onLogin(event));
+
+        assertEquals(PlayerLoginEvent.Result.KICK_BANNED, event.getResult());
+        assertEquals("Blocked!", net.kyori.adventure.text.serializer.legacy.LegacyComponentSerializer.legacySection().serialize(event.kickMessage()));
+    }
+
+    @Test
+    public void testRunCommandDispatchesOnPrimaryThreadWhenCalledAsynchronously() {
+        RecordingServerMock recordingServer = (RecordingServerMock) server;
+        ExecutorService executor = Executors.newSingleThreadExecutor();
+
+        try {
+            CompletableFuture<Void> asyncCall = CompletableFuture.runAsync(
+                    () -> listener.runCommand("antivpn-test &aok"),
+                    executor
+            );
+
+            assertDoesNotThrow(() -> asyncCall.get(5, TimeUnit.SECONDS));
+            assertFalse(recordingServer.commandDispatched(), "Command should be scheduled, not dispatched asynchronously");
+
+            server.getScheduler().performOneTick();
+
+            assertTrue(recordingServer.commandDispatched(), "Scheduled command should be dispatched on the next server tick");
+            assertTrue(recordingServer.dispatchedOnPrimaryThread(), "Command dispatch must happen on Bukkit's primary thread");
+            assertEquals("antivpn-test §aok", recordingServer.dispatchedCommand());
+        } finally {
+            executor.shutdownNow();
+        }
+    }
+
+    public static class TestPlugin extends JavaPlugin {
+    }
+
+    private static class RecordingServerMock extends ServerMock {
+        private final AtomicBoolean commandDispatched = new AtomicBoolean();
+        private final AtomicBoolean dispatchedOnPrimaryThread = new AtomicBoolean();
+        private final AtomicReference<String> dispatchedCommand = new AtomicReference<>();
+
+        @Override
+        public boolean dispatchCommand(@NotNull CommandSender sender, @NotNull String commandLine) {
+            commandDispatched.set(true);
+            dispatchedOnPrimaryThread.set(isPrimaryThread());
+            dispatchedCommand.set(commandLine);
+            return super.dispatchCommand(sender, commandLine);
+        }
+
+        private boolean commandDispatched() {
+            return commandDispatched.get();
+        }
+
+        private boolean dispatchedOnPrimaryThread() {
+            return dispatchedOnPrimaryThread.get();
+        }
+
+        private String dispatchedCommand() {
+            return dispatchedCommand.get();
+        }
+    }
+}
@@ -0,0 +1,56 @@
+package dev.brighten.antivpn.bukkit;
+
+import be.seeseemelk.mockbukkit.MockBukkit;
+import be.seeseemelk.mockbukkit.ServerMock;
+import be.seeseemelk.mockbukkit.entity.PlayerMock;
+import org.bukkit.plugin.java.JavaPlugin;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
+import java.util.concurrent.CompletableFuture;
+import java.util.concurrent.TimeUnit;
+
+import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.junit.jupiter.api.Assertions.assertTrue;
+import static org.mockito.Mockito.mock;
+import static org.mockito.Mockito.when;
+
+class BukkitPlayerTest {
+
+    private ServerMock server;
+
+    @BeforeEach
+    void setUp() {
+        server = MockBukkit.mock();
+
+        BukkitPlugin pluginBootstrap = mock(BukkitPlugin.class);
+        JavaPlugin plugin = MockBukkit.createMockPlugin();
+        when(pluginBootstrap.getPlugin()).thenReturn(plugin);
+        BukkitPlugin.pluginInstance = pluginBootstrap;
+    }
+
+    @AfterEach
+    void tearDown() {
+        BukkitPlugin.pluginInstance = null;
+        MockBukkit.unmock();
+    }
+
+    @Test
+    void kickPlayerCalledFromAsyncContext_isScheduledAndExecutedOnMainThread() {
+        PlayerMock player = server.addPlayer("AsyncKickPlayer");
+        BukkitPlayer bukkitPlayer = new BukkitPlayer(player);
+
+        assertTrue(player.isOnline());
+
+        CompletableFuture<Void> asyncKick = CompletableFuture.runAsync(() -> bukkitPlayer.kickPlayer("&cBlocked!"));
+        assertDoesNotThrow(() -> asyncKick.get(1, TimeUnit.SECONDS));
+
+        assertTrue(player.isOnline(), "Kick should be deferred to the server scheduler");
+
+        server.getScheduler().performTicks(1);
+
+        assertFalse(player.isOnline(), "Player should be kicked when scheduled task runs");
+    }
+}
@@ -0,0 +1,26 @@
+plugins {
+    id 'com.gradleup.shadow'
+}
+
+evaluationDependsOn(':Bungee:BungeePlugin')
+
+dependencies {
+    compileOnly 'net.md-5:bungeecord-api:1.21-R0.2'
+    compileOnly project(':Bungee:BungeePlugin')
+    implementation project(':Common:loader-utils')
+}
+
+shadowJar {
+    archiveClassifier.set('')
+
+    // Include the shaded plugin jar as a single resource file
+    from(project(':Bungee:BungeePlugin').tasks.shadowJar) {
+        rename { 'antivpn-bungee.jarinjar' }
+    }
+}
+
+tasks.named('shadowJar') {
+    dependsOn(':Bungee:BungeePlugin:shadowJar')
+}
+
+tasks.build.dependsOn shadowJar
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bungee;
+
+import dev.brighten.antivpn.loader.JarInJarClassLoader;
+import dev.brighten.antivpn.loader.LoaderBootstrap;
+import net.md_5.bungee.api.plugin.Plugin;
+
+public class BungeeLoaderPlugin extends Plugin {
+
+    private static final String JAR_NAME = "antivpn-bungee.jarinjar";
+    private static final String SOURCE_NAME = "antivpn-source.jarinjar";
+    private static final String BOOTSTRAP_CLASS = "dev.brighten.antivpn.bungee.BungeePlugin";
+
+    private final LoaderBootstrap plugin;
+
+    public BungeeLoaderPlugin() {
+        JarInJarClassLoader loader = new JarInJarClassLoader(getClass().getClassLoader(), JAR_NAME, SOURCE_NAME);
+        this.plugin = loader.instantiatePlugin(BOOTSTRAP_CLASS, Plugin.class, this);
+    }
+
+    @Override
+    public void onLoad() {
+        this.plugin.onLoad(getDataFolder());
+    }
+
+    @Override
+    public void onEnable() {
+        this.plugin.onEnable();
+    }
+
+    @Override
+    public void onDisable() {
+        this.plugin.onDisable();
+    }
+
+
+}
@@ -0,0 +1,5 @@
+name: KauriVPN
+main: dev.brighten.antivpn.bungee.BungeeLoaderPlugin
+description: A simple and fast antivpn plugin.
+version: ${project.version}
+author: funkemunky
@@ -0,0 +1,29 @@
+plugins {
+    id 'com.gradleup.shadow'
+}
+
+dependencies {
+    compileOnly 'net.md-5:bungeecord-api:1.21-R0.2'
+    testImplementation 'net.md-5:bungeecord-api:1.21-R0.2'
+    implementation project(':Common:Source')
+    implementation project(':Common:loader-utils')
+    implementation 'org.bstats:bstats-bungeecord:2.2.1'
+    testImplementation 'org.junit.jupiter:junit-jupiter:5.11.4'
+    testImplementation 'org.mockito:mockito-core:5.11.0'
+    testImplementation 'org.mockito:mockito-subclass:5.11.0'
+    testImplementation 'org.mockito:mockito-junit-jupiter:5.11.0'
+    testImplementation 'com.github.ben-manes.caffeine:caffeine:3.1.8'
+}
+tasks.compileJava.dependsOn(':Common:Source:jar')
+
+test {
+    useJUnitPlatform()
+    systemProperty 'mockito.mockmaker', 'subclass'
+}
+
+shadowJar {
+    archiveClassifier.set('')
+    relocate 'org.bstats', 'dev.brighten.antivpn.bungee.org.bstats'
+}
+
+tasks.build.dependsOn shadowJar
@@ -0,0 +1,122 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bungee;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.api.*;
+import dev.brighten.antivpn.utils.MiscUtils;
+import dev.brighten.antivpn.utils.StringUtil;
+import net.md_5.bungee.api.chat.TextComponent;
+import net.md_5.bungee.api.event.LoginEvent;
+import net.md_5.bungee.api.event.PlayerDisconnectEvent;
+import net.md_5.bungee.api.event.PreLoginEvent;
+import net.md_5.bungee.api.plugin.Listener;
+import net.md_5.bungee.api.scheduler.ScheduledTask;
+import net.md_5.bungee.event.EventHandler;
+import net.md_5.bungee.event.EventPriority;
+
+import java.net.InetSocketAddress;
+import java.util.UUID;
+import java.util.logging.Level;
+
+public class BungeeListener extends VPNExecutor implements Listener {
+
+    private ScheduledTask cacheResetTask;
+
+    @Override
+    public void registerListeners() {
+        BungeePlugin.pluginInstance.getProxy().getPluginManager()
+                .registerListener(BungeePlugin.pluginInstance.getPlugin(), this);
+    }
+
+    @Override
+    public void log(Level level, String log, Object... objects) {
+        BungeePlugin.pluginInstance.getProxy().getLogger().log(Level.INFO, String.format(log, objects));
+    }
+
+    @Override
+    public void log(String log, Object... objects) {
+        log(Level.INFO, log, objects);
+    }
+
+    @Override
+    public void logException(String message, Throwable ex) {
+        BungeePlugin.pluginInstance.getProxy().getLogger().log(Level.SEVERE, message, ex);
+    }
+
+    @Override
+    public void runCommand(String command) {
+        BungeePlugin.pluginInstance.getProxy().getPluginManager()
+                .dispatchCommand(BungeePlugin.pluginInstance.getProxy().getConsole(), command);
+    }
+
+    @Override
+    public void disablePlugin() {
+        BungeePlugin.pluginInstance.getProxy().getPluginManager().unregisterListeners(BungeePlugin.pluginInstance.getPlugin());
+        if (cacheResetTask != null) {
+            cacheResetTask.cancel();
+            cacheResetTask = null;
+        }
+        BungeePlugin.pluginInstance.getProxy().getPluginManager().unregisterCommands(BungeePlugin.pluginInstance.getPlugin());
+        BungeePlugin.pluginInstance.onDisable();
+    }
+
+    @EventHandler(priority = EventPriority.HIGH)
+    public void onListener(final PreLoginEvent event) {
+
+        APIPlayer player = AntiVPN.getInstance().getPlayerExecutor().getPlayer(event.getConnection().getUniqueId())
+                .orElseGet(() -> {
+                    UUID uuid = MiscUtils.lookupUUID(event.getConnection().getName());
+                    AntiVPN.getInstance().getExecutor().log(Level.INFO, "Getting offline player for %s with name %s",
+                            event.getConnection().getUniqueId(), uuid);
+
+                    return new OfflinePlayer(uuid, event.getConnection().getName(),
+                            ((InetSocketAddress) event.getConnection().getSocketAddress()).getAddress());
+                });
+
+        player.checkPlayer(result -> {
+            if (!result.resultType().isShouldBlock()) return;
+
+            if(!AntiVPN.getInstance().getVpnConfig().isKickPlayers()) {
+                return;
+            }
+
+            event.setCancelled(true);
+            event.setReason(TextComponent.fromLegacy(StringUtil.varReplace(switch (result.resultType()) {
+                case DENIED_PROXY -> StringUtil.varReplace(AntiVPN.getInstance().getVpnConfig()
+                        .getKickMessage(), player, result.response());
+                case DENIED_COUNTRY -> StringUtil.varReplace(AntiVPN.getInstance().getVpnConfig()
+                        .getCountryVanillaKickReason(), player, result.response());
+                default -> "You were kicked by KauriVPN for an unknown reason!";
+            }, player, result.response())));
+        });
+    }
+
+    @EventHandler(priority = EventPriority.HIGH)
+    public void onJoin(LoginEvent event) {
+        if(event.isCancelled()) return;
+
+        // Handling player alerts on join
+        AntiVPN.getInstance().getPlayerExecutor().getPlayer(event.getConnection().getUniqueId())
+                .ifPresent(APIPlayer::checkAlertsState);
+    }
+
+    @EventHandler
+    public void onLeave(PlayerDisconnectEvent event) {
+        AntiVPN.getInstance().getPlayerExecutor().unloadPlayer(event.getPlayer().getUniqueId());
+    }
+}
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bungee;
+
+import dev.brighten.antivpn.api.APIPlayer;
+import net.md_5.bungee.api.ChatColor;
+import net.md_5.bungee.api.chat.TextComponent;
+import net.md_5.bungee.api.connection.ProxiedPlayer;
+
+public class BungeePlayer extends APIPlayer {
+
+    private final ProxiedPlayer player;
+    public BungeePlayer(ProxiedPlayer player) {
+        super(player.getUniqueId(), player.getName(), player.getAddress().getAddress());
+
+        this.player = player;
+    }
+
+
+    @Override
+    public void sendMessage(String message) {
+        player.sendMessage(TextComponent.fromLegacyText(ChatColor
+                .translateAlternateColorCodes('&', message)));
+    }
+
+    @Override
+    public void kickPlayer(String reason) {
+        player.disconnect(TextComponent.fromLegacyText(ChatColor
+                .translateAlternateColorCodes('&', reason)));
+    }
+
+    @Override
+    public boolean hasPermission(String permission) {
+        return player.hasPermission(permission);
+    }
+}
@@ -0,0 +1,59 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bungee;
+
+import dev.brighten.antivpn.api.APIPlayer;
+import dev.brighten.antivpn.api.PlayerExecutor;
+import net.md_5.bungee.api.connection.ProxiedPlayer;
+
+import java.util.*;
+import java.util.stream.Collectors;
+
+public class BungeePlayerExecutor implements PlayerExecutor {
+
+    private final Map<UUID, BungeePlayer> cachedPlayers = new HashMap<>();
+
+    @Override
+    public Optional<APIPlayer> getPlayer(String name) {
+        ProxiedPlayer player = BungeePlugin.pluginInstance.getProxy().getPlayer(name);
+
+        if(player == null) return Optional.empty();
+
+        return Optional.of(cachedPlayers.computeIfAbsent(player.getUniqueId(), key -> new BungeePlayer(player)));
+    }
+
+    @Override
+    public Optional<APIPlayer> getPlayer(UUID uuid) {
+        ProxiedPlayer player = BungeePlugin.pluginInstance.getProxy().getPlayer(uuid);
+
+        if(player == null) return Optional.empty();
+
+        return Optional.of(cachedPlayers.computeIfAbsent(uuid, key -> new BungeePlayer(player)));
+    }
+
+    @Override
+    public void unloadPlayer(UUID uuid) {
+        this.cachedPlayers.remove(uuid);
+    }
+
+    @Override
+    public List<APIPlayer> getOnlinePlayers() {
+        return BungeePlugin.pluginInstance.getProxy().getPlayers().stream()
+                .map(pl -> cachedPlayers.computeIfAbsent(pl.getUniqueId(), key -> new BungeePlayer(pl)))
+                .collect(Collectors.toList());
+    }
+}
@@ -0,0 +1,102 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bungee;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.bungee.command.BungeeCommand;
+import dev.brighten.antivpn.command.Command;
+import dev.brighten.antivpn.database.VPNDatabase;
+import dev.brighten.antivpn.database.local.H2VPN;
+import dev.brighten.antivpn.database.mongo.MongoVPN;
+import dev.brighten.antivpn.database.sql.MySqlVPN;
+import dev.brighten.antivpn.loader.LoaderBootstrap;
+import lombok.Getter;
+import net.md_5.bungee.api.ProxyServer;
+import net.md_5.bungee.api.plugin.Plugin;
+import org.bstats.bungeecord.Metrics;
+import org.bstats.charts.SimplePie;
+
+import java.io.File;
+import java.util.concurrent.TimeUnit;
+
+public class BungeePlugin implements LoaderBootstrap {
+
+    public static BungeePlugin pluginInstance;
+    
+    @Getter
+    private File dataFolder;
+
+    @Getter
+    private final Plugin plugin;
+
+    public BungeePlugin(Plugin plugin) {
+        this.plugin = plugin;
+    }
+
+    @Override
+    public void onLoad(File dataFolder) {
+        this.dataFolder = dataFolder;
+    }
+
+    @Override
+    public void onEnable() {
+        pluginInstance = this;
+
+        //Setting up config
+        ProxyServer.getInstance().getLogger().info("Loading config...");
+
+
+        //Loading plugin
+        ProxyServer.getInstance().getLogger().info("Starting AntiVPN services...");
+        AntiVPN.start(new BungeeListener(), new BungeePlayerExecutor(), getDataFolder());
+
+        if(AntiVPN.getInstance().getVpnConfig().metrics()) {
+            ProxyServer.getInstance().getLogger().info("Starting bStats metrics...");
+            Metrics metrics = new Metrics(getPlugin(), 12616);
+            metrics.addCustomChart(new SimplePie("database_used", this::getDatabaseType));
+            ProxyServer.getInstance().getScheduler().schedule(getPlugin(),
+                    () -> AntiVPN.getInstance().checked = AntiVPN.getInstance().detections = 0,
+                    10, 10, TimeUnit.MINUTES);
+        }
+
+        for (Command command : AntiVPN.getInstance().getCommands()) {
+            ProxyServer.getInstance().getPluginManager().registerCommand(getPlugin(), new BungeeCommand(command));
+        }
+    }
+
+    @Override
+    public void onDisable() {
+        AntiVPN.getInstance().stop();
+    }
+
+    private String getDatabaseType() {
+        VPNDatabase database = AntiVPN.getInstance().getDatabase();
+        if(database instanceof MySqlVPN) {
+            return "MySQL";
+        } else if(database instanceof H2VPN) {
+            return "H2";
+        } else if(database instanceof MongoVPN) {
+            return "MongoDB";
+        } else {
+            return "No-Database";
+        }
+    }
+
+    public ProxyServer getProxy() {
+        return ProxyServer.getInstance();
+    }
+}
@@ -0,0 +1,95 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bungee.command;
+
+import dev.brighten.antivpn.AntiVPN;
+import lombok.val;
+import net.md_5.bungee.api.ChatColor;
+import net.md_5.bungee.api.CommandSender;
+import net.md_5.bungee.api.chat.TextComponent;
+import net.md_5.bungee.api.plugin.Command;
+import net.md_5.bungee.api.plugin.TabExecutor;
+
+import java.util.Arrays;
+import java.util.stream.IntStream;
+
+public class BungeeCommand extends Command implements TabExecutor {
+
+    private final dev.brighten.antivpn.command.Command command;
+    public BungeeCommand(dev.brighten.antivpn.command.Command command) {
+        super(command.name(), command.permission(), command.aliases());
+
+        this.command = command;
+    }
+
+    @Override
+    public void execute(CommandSender sender, String[] args) {
+        if(!sender.hasPermission("antivpn.command.*")
+                && !sender.hasPermission(command.permission())) {
+            sender.sendMessage(TextComponent.fromLegacyText(ChatColor.translateAlternateColorCodes('&',
+                    AntiVPN.getInstance().getMessageHandler().getString("no-permission").getMessage())));
+            return;
+        }
+
+        val children = command.children();
+
+        if(children.length > 0 && args.length > 0) {
+            for (dev.brighten.antivpn.command.Command child : children) {
+                if(child.name().equalsIgnoreCase(args[0]) || Arrays.stream(child.aliases())
+                        .anyMatch(alias -> alias.equalsIgnoreCase(args[0]))) {
+                    if(!sender.hasPermission("antivpn.command.*")
+                            && !sender.hasPermission(child.permission())) {
+                        sender.sendMessage(TextComponent.fromLegacyText(ChatColor.translateAlternateColorCodes('&',
+                                AntiVPN.getInstance().getMessageHandler().getString("no-permission").getMessage())));
+                        return;
+                    }
+
+                    sender.sendMessage(TextComponent
+                            .fromLegacyText(ChatColor
+                                    .translateAlternateColorCodes('&',
+                                            child.execute(new BungeeCommandExecutor(sender),  IntStream
+                                                    .range(0, args.length - 1)
+                                                    .mapToObj(i -> args[i + 1]).toArray(String[]::new)))));
+                    return;
+                }
+            }
+        }
+
+
+        sender.sendMessage(TextComponent
+                .fromLegacyText(ChatColor
+                        .translateAlternateColorCodes('&',
+                                command.execute(new BungeeCommandExecutor(sender), args))));
+    }
+
+    @Override
+    public Iterable<String> onTabComplete(CommandSender sender, String[] args) {
+        val children = command.children();
+
+        if(children.length > 0 && args.length > 0) {
+            for (dev.brighten.antivpn.command.Command child : children) {
+                if(child.name().equalsIgnoreCase(args[0])  || Arrays.stream(child.aliases())
+                        .anyMatch(alias2 -> alias2.equalsIgnoreCase(args[0]))) {
+                    return child.tabComplete(new BungeeCommandExecutor(sender), "alias", IntStream
+                            .range(0, args.length - 1)
+                            .mapToObj(i -> args[i + 1]).toArray(String[]::new));
+                }
+            }
+        }
+        return command.tabComplete(new BungeeCommandExecutor(sender), "alias", args);
+    }
+}
@@ -0,0 +1,57 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.bungee.command;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.api.APIPlayer;
+import dev.brighten.antivpn.command.CommandExecutor;
+import lombok.RequiredArgsConstructor;
+import net.md_5.bungee.api.ChatColor;
+import net.md_5.bungee.api.CommandSender;
+import net.md_5.bungee.api.chat.TextComponent;
+import net.md_5.bungee.api.connection.ProxiedPlayer;
+
+import java.util.Optional;
+
+@RequiredArgsConstructor
+public class BungeeCommandExecutor implements CommandExecutor {
+
+    private final CommandSender sender;
+
+    @Override
+    public void sendMessage(String message, Object... objects) {
+        sender.sendMessage(TextComponent.fromLegacyText(ChatColor
+                .translateAlternateColorCodes('&', String.format(message, objects))));
+    }
+
+    @Override
+    public boolean hasPermission(String permission) {
+        return sender.hasPermission(permission);
+    }
+
+    @Override
+    public Optional<APIPlayer> getPlayer() {
+        if(!isPlayer()) return Optional.empty();
+
+        return AntiVPN.getInstance().getPlayerExecutor().getPlayer(((ProxiedPlayer) sender).getUniqueId());
+    }
+
+    @Override
+    public boolean isPlayer() {
+        return sender instanceof ProxiedPlayer;
+    }
+}
@@ -0,0 +1,110 @@
+package dev.brighten.antivpn.bungee;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.api.PlayerExecutor;
+import dev.brighten.antivpn.api.VPNConfig;
+import dev.brighten.antivpn.api.VPNExecutor;
+import dev.brighten.antivpn.message.MessageHandler;
+import dev.brighten.antivpn.message.VpnString;
+import dev.brighten.antivpn.web.objects.VPNResponse;
+import net.md_5.bungee.api.connection.PendingConnection;
+import net.md_5.bungee.api.event.PreLoginEvent;
+import org.junit.jupiter.api.AfterEach;
+import org.junit.jupiter.api.BeforeEach;
+import org.junit.jupiter.api.Test;
+
+import java.lang.reflect.Field;
+import java.net.InetSocketAddress;
+import java.util.Optional;
+import java.util.UUID;
+import java.util.concurrent.CompletableFuture;
+
+import static org.mockito.Mockito.*;
+
+public class BungeeListenerTest {
+
+    private BungeeListener listener;
+    private VPNExecutor vpnExecutor;
+
+    @BeforeEach
+    public void setUp() throws Exception {
+        AntiVPN antiVPN = mock(AntiVPN.class);
+        VPNConfig config = mock(VPNConfig.class);
+        PlayerExecutor playerExecutor = mock(PlayerExecutor.class);
+        vpnExecutor = mock(VPNExecutor.class);
+        MessageHandler messageHandler = mock(MessageHandler.class);
+
+        when(antiVPN.getVpnConfig()).thenReturn(config);
+        when(antiVPN.getPlayerExecutor()).thenReturn(playerExecutor);
+        when(antiVPN.getExecutor()).thenReturn(vpnExecutor);
+        when(antiVPN.getMessageHandler()).thenReturn(messageHandler);
+
+        when(playerExecutor.getPlayer(any(UUID.class))).thenReturn(Optional.empty());
+        when(config.getPrefixWhitelists()).thenReturn(java.util.Collections.emptyList());
+        when(config.getCountryList()).thenReturn(java.util.Collections.emptyList());
+        when(config.isKickPlayers()).thenReturn(true);
+        when(config.getKickMessage()).thenReturn("Blocked!");
+
+        VpnString mockVpnString = mock(VpnString.class);
+        when(mockVpnString.getFormattedMessage(any())).thenReturn("Blocked!");
+        when(messageHandler.getString(anyString())).thenReturn(mockVpnString);
+
+        when(vpnExecutor.checkIp(anyString())).thenReturn(CompletableFuture.completedFuture(
+                VPNResponse.builder().success(true).proxy(false).ip("127.0.0.1")
+                        .method("N/A").countryName("N/A").city("N/A").build()
+        ));
+
+        // Use reflection to set the private static INSTANCE field
+        Field instanceField = AntiVPN.class.getDeclaredField("INSTANCE");
+        instanceField.setAccessible(true);
+        instanceField.set(null, antiVPN);
+
+        listener = new BungeeListener();
+    }
+
+    @AfterEach
+    public void tearDown() throws Exception {
+        // Reset the singleton
+        Field instanceField = AntiVPN.class.getDeclaredField("INSTANCE");
+        instanceField.setAccessible(true);
+        instanceField.set(null, null);
+    }
+
+    @Test
+    public void testPreLoginEventAllowed()  {
+        PreLoginEvent event = mock(PreLoginEvent.class);
+        PendingConnection connection = mock(PendingConnection.class);
+
+        when(event.getConnection()).thenReturn(connection);
+        when(connection.getUniqueId()).thenReturn(UUID.randomUUID());
+        when(connection.getName()).thenReturn("TestPlayer");
+        when(connection.getSocketAddress()).thenReturn(new InetSocketAddress("127.0.0.1", 12345));
+
+        listener.onListener(event);
+
+        verify(event, never()).setCancelled(true);
+    }
+
+    @Test
+    public void testPreLoginEventBlocked() {
+        PreLoginEvent event = mock(PreLoginEvent.class);
+        PendingConnection connection = mock(PendingConnection.class);
+
+        UUID uuid = UUID.randomUUID();
+        when(event.getConnection()).thenReturn(connection);
+        when(connection.getUniqueId()).thenReturn(uuid);
+        when(connection.getName()).thenReturn("ProxyPlayer");
+        when(connection.getSocketAddress()).thenReturn(new InetSocketAddress("1.1.1.1", 12345));
+
+        // Mock proxy response
+        when(vpnExecutor.checkIp("1.1.1.1")).thenReturn(CompletableFuture.completedFuture(
+                VPNResponse.builder().success(true).proxy(true).ip("1.1.1.1")
+                        .method("N/A").countryName("N/A").countryCode("N/A").city("N/A").build()
+        ));
+
+        listener.onListener(event);
+
+        verify(event).setCancelled(true);
+        verify(event).setReason(any());
+    }
+}
@@ -0,0 +1,49 @@
+# Changelog
+All notable changes to this project will be documented in this file.
+
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
+and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
+
+## [1.10.0] - 2026-04-07
+
+### Added
+- CIDR allowlisting, including commands to add, remove, view, and search entries
+- MongoDB support for CIDR allowlist storage
+- VPN detection webhooks with Discord and Slack formatting options
+- Mojang API fallback support for player lookups
+- Folia support
+
+### Changed
+- Improved player blocking so flagged users are removed more reliably across platforms
+- Updated allowlist handling to validate CIDR entries more consistently
+- Improved database cleanup for outdated cached responses
+
+### Fixed
+- SQL startup and loading issues, including MySQL library injection problems
+- CIDR parsing issues and MongoDB CIDR lookup failures
+- Allowlist-related SQL errors
+- Repeated webhook spam from duplicate VPN detection events
+
+### Documentation
+- Expanded webhook setup documentation for Discord and Slack
+
+## [1.9.4] - 2025-09-30
+
+### Added
+- Sponge platform support
+- UUID lookup support for player validation
+- Better scheduled kick checking
+- Java 17 and Java 21 support
+- Database metrics tracking for bStats
+
+### Changed
+- **BREAKING**: Minimum Java version upgraded from 8 to 17
+- Replaced the old cache implementation with Caffeine for better performance
+- Improved asynchronous player checking and VPN detection handling
+- Improved database connection management and error handling
+
+### Fixed
+- H2 database compatibility issues with automatic backup and recovery
+- Memory leaks and resource cleanup problems in database handling
+- Thread safety issues in player cache management
+- Command registration issues during plugin startup and shutdown
@@ -0,0 +1,50 @@
+plugins {
+    id 'com.gradleup.shadow'
+}
+
+dependencies {
+    implementation 'org.ow2.asm:asm:9.8'
+    implementation 'org.ow2.asm:asm-commons:9.8'
+    implementation 'org.yaml:snakeyaml:2.2'
+    implementation 'org.jetbrains:annotations:26.0.2'
+    
+    compileOnly 'com.mysql:mysql-connector-j:9.3.0'
+    compileOnly 'com.h2database:h2:2.2.220'
+    implementation'com.github.ben-manes.caffeine:caffeine:3.1.8'
+    compileOnly 'org.mongodb:mongo-java-driver:3.12.14'
+    
+    testImplementation 'org.mockito:mockito-core:5.11.0'
+    testImplementation "org.junit.jupiter:junit-jupiter:5.8.1"
+    testImplementation "org.testcontainers:testcontainers:2.0.4"
+    testImplementation "org.testcontainers:testcontainers-junit-jupiter:2.0.4"
+    testImplementation 'org.testcontainers:mysql:1.20.4'
+    testImplementation 'org.testcontainers:mongodb:1.20.4'
+    testRuntimeOnly 'org.slf4j:slf4j-simple:2.0.16'
+    testImplementation 'com.mysql:mysql-connector-j:9.3.0'
+    testImplementation 'com.h2database:h2:2.2.220'
+    testImplementation 'org.mongodb:mongo-java-driver:3.12.14'
+    testImplementation 'com.github.ben-manes.caffeine:caffeine:3.1.8'
+}
+
+shadowJar {
+    archiveClassifier.set('')
+
+    dependencies {
+        exclude 'dev/brighten/antivpn/depends/Relocate*'
+        exclude 'dev/brighten/antivpn/depends/MavenLibraries*'
+    }
+}
+
+tasks.build.dependsOn shadowJar
+components.java.withVariantsFromConfiguration(configurations.shadowRuntimeElements) {
+    skip()
+}
+
+
+test {
+    useJUnitPlatform()
+}
+
+jar {
+    archiveClassifier.set('raw')
+}
@@ -0,0 +1,266 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn;
+
+import dev.brighten.antivpn.api.PlayerExecutor;
+import dev.brighten.antivpn.api.VPNConfig;
+import dev.brighten.antivpn.api.VPNExecutor;
+import dev.brighten.antivpn.command.Command;
+import dev.brighten.antivpn.command.impl.AntiVPNCommand;
+import dev.brighten.antivpn.database.VPNDatabase;
+import dev.brighten.antivpn.database.local.H2VPN;
+import dev.brighten.antivpn.database.mongo.MongoVPN;
+import dev.brighten.antivpn.database.sql.MySqlVPN;
+import dev.brighten.antivpn.depends.LibraryLoader;
+import dev.brighten.antivpn.depends.MavenLibrary;
+import dev.brighten.antivpn.message.MessageHandler;
+import dev.brighten.antivpn.utils.ConfigDefault;
+import dev.brighten.antivpn.utils.MiscUtils;
+import dev.brighten.antivpn.utils.config.Configuration;
+import dev.brighten.antivpn.utils.config.ConfigurationProvider;
+import dev.brighten.antivpn.utils.config.YamlConfiguration;
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.Setter;
+
+import java.io.File;
+import java.io.IOException;
+import java.io.InputStream;
+import java.net.URL;
+import java.net.URLConnection;
+import java.util.ArrayList;
+import java.util.List;
+
+@Getter
+@Setter(AccessLevel.PRIVATE)
+@MavenLibrary(groupId = "com.h2database", artifactId ="h2", version = "2.2.220")
+@MavenLibrary(groupId = "org.mongodb", artifactId = "mongo-java-driver", version = "3.12.14")
+@MavenLibrary(
+        groupId = "com.mysql",
+        artifactId = "mysql-connector-j",
+        version = "9.3.0"
+)
+public class AntiVPN {
+
+    private static AntiVPN INSTANCE;
+    private VPNConfig vpnConfig;
+    private VPNExecutor executor;
+    private PlayerExecutor playerExecutor;
+    private VPNDatabase database;
+    private MessageHandler messageHandler;
+    private Configuration config;
+    private List<Command> commands = new ArrayList<>();
+    public int detections, checked;
+    private File pluginFolder;
+
+    public static void start(VPNExecutor executor, PlayerExecutor playerExecutor, File pluginFolder) {
+        //Initializing
+
+        INSTANCE = new AntiVPN();
+
+        INSTANCE.pluginFolder = pluginFolder;
+        INSTANCE.executor = executor;
+        INSTANCE.playerExecutor = playerExecutor;
+
+        LibraryLoader.loadAll(INSTANCE);
+
+        try {
+            File configFile = new File(pluginFolder, "config.yml");
+            if(!configFile.exists()){
+                if(configFile.getParentFile().mkdirs()) {
+                    AntiVPN.getInstance().getExecutor().log("Created plugin folder!");
+                }
+                MiscUtils.copy(INSTANCE.getResource( "config.yml"), configFile);
+            }
+            INSTANCE.config = ConfigurationProvider.getProvider(YamlConfiguration.class)
+                    .load(configFile);
+        } catch (IOException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not load config.yml, plugin disabling...", e);
+            executor.disablePlugin();
+            return;
+        }
+
+        INSTANCE.vpnConfig = new VPNConfig();
+
+        INSTANCE.executor.registerListeners();
+        INSTANCE.vpnConfig.update();
+
+        INSTANCE.messageHandler = new MessageHandler();
+
+        try {
+            switch(INSTANCE.vpnConfig.getDatabaseType().toLowerCase()) {
+                case "h2":
+                case "local":
+                case "flatfile": {
+                    AntiVPN.getInstance().getExecutor().log("Using databaseType H2...");
+                    INSTANCE.database = new H2VPN();
+                    INSTANCE.database.init();
+                    break;
+                }
+                case "mysql":
+                case "sql": {
+                    AntiVPN.getInstance().getExecutor().log("Using databaseType MySQL...");
+                    INSTANCE.database = new MySqlVPN();
+                    INSTANCE.database.init();
+                    break;
+                }
+                case "mongo":
+                case "mongodb":
+                case "mongod": {
+                    INSTANCE.database = new MongoVPN();
+                    INSTANCE.database.init();
+                    break;
+                }
+                default: {
+                    AntiVPN.getInstance().getExecutor().log("Could not find database type \"" + INSTANCE.vpnConfig.getDatabaseType() + "\". " +
+                            "Options: [MySQL]");
+                    break;
+                }
+            }
+        } catch (Exception e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not initialize database, plugin disabling...", e);
+            executor.disablePlugin();
+            return;
+        }
+
+        //Registering commands
+        INSTANCE.registerCommands();
+
+        //Turning on alerts of players who are already online.
+        playerExecutor.getOnlinePlayers().forEach(player -> {
+            //We want to make sure they even have permission to see alerts before we make a bunch
+            //of unnecessary database queries.
+            if(player.hasPermission("antivpn.command.alerts")) {
+                //Running database check for enabled alerts.
+                INSTANCE.database.alertsState(player.getUuid(), player::setAlertsEnabled);
+            }
+        });
+
+        AntiVPN.getInstance().getMessageHandler().initStrings(vpnString -> new ConfigDefault<>
+                (vpnString.getDefaultMessage(), "messages." + vpnString.getKey(), AntiVPN.getInstance())
+                .get());
+        AntiVPN.getInstance().getMessageHandler().reloadStrings();
+
+        // Starting kick checks
+        AntiVPN.getInstance().getExecutor().startKickChecks();
+    }
+
+    public InputStream getResource(String filename) {
+        if (filename == null) {
+            throw new IllegalArgumentException("Filename cannot be null");
+        } else {
+            try {
+                URL url = executor.getClass().getClassLoader().getResource(filename);
+                if (url == null) {
+                    return null;
+                } else {
+                    URLConnection connection = url.openConnection();
+                    connection.setUseCaches(false);
+                    return connection.getInputStream();
+                }
+            } catch (IOException var4) {
+                return null;
+            }
+        }
+    }
+
+    public void stop() {
+        if (database instanceof H2VPN) {
+            database.shutdown();
+
+            // Try to deregister driver
+            try {
+                java.sql.Driver driver = java.sql.DriverManager.getDriver("jdbc:h2:");
+                if (driver != null) {
+                    java.sql.DriverManager.deregisterDriver(driver);
+                }
+            } catch (Exception e) {
+                // Log but don't throw
+                executor.log("Failed to deregister H2 driver: " + e.getMessage());
+            }
+        }
+        if (executor != null && executor.getThreadExecutor() != null) {
+            executor.getThreadExecutor().shutdown();
+        }
+        if(database != null) database.shutdown();
+
+        INSTANCE = null;
+    }
+
+    public void reloadDatabase() {
+        database.shutdown();
+
+        switch(AntiVPN.getInstance().getVpnConfig().getDatabaseType().toLowerCase()) {
+            case "h2":
+            case "local":
+            case "flatfile": {
+                AntiVPN.getInstance().getExecutor().log("Using databaseType H2...");
+                INSTANCE.database = new H2VPN();
+                INSTANCE.database.init();
+                break;
+            }
+            case "mysql":
+            case "sql":{
+                AntiVPN.getInstance().getExecutor().log("Using databaseType MySQL...");
+                INSTANCE.database = new MySqlVPN();
+                INSTANCE.database.init();
+                break;
+            }
+            case "mongo":
+            case "mongodb":
+            case "mongod": {
+                INSTANCE.database = new MongoVPN();
+                INSTANCE.database.init();
+                break;
+            }
+            default: {
+                AntiVPN.getInstance().getExecutor().log("Could not find database type \"" + INSTANCE.vpnConfig.getDatabaseType() + "\". " +
+                        "Options: [MySQL]");
+                break;
+            }
+        }
+    }
+
+    public static AntiVPN getInstance() {
+        assert INSTANCE != null: "AntiVPN has not been initialized!";
+
+        return INSTANCE;
+    }
+
+    public void saveConfig() {
+        try {
+            ConfigurationProvider.getProvider(YamlConfiguration.class)
+                    .save(getConfig(), new File(pluginFolder.getPath() + File.separator + "config.yml"));
+        } catch (IOException e) {
+            AntiVPN.getInstance().getExecutor().logException(e);
+        }
+    }
+
+    public void reloadConfig() {
+        try {
+
+            config = ConfigurationProvider.getProvider(YamlConfiguration.class)
+                    .load(new File(pluginFolder.getPath() + File.separator + "config.yml"));
+        } catch (IOException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    private void registerCommands() {
+        commands.add(new AntiVPNCommand());
+    }
+}
@@ -0,0 +1,145 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.api;
+
+import com.github.benmanes.caffeine.cache.Cache;
+import com.github.benmanes.caffeine.cache.Caffeine;
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.message.VpnString;
+import lombok.Getter;
+import lombok.Setter;
+
+import java.net.InetAddress;
+import java.util.UUID;
+import java.util.concurrent.TimeUnit;
+import java.util.function.Consumer;
+import java.util.logging.Level;
+
+@Getter
+public abstract class APIPlayer {
+    private final UUID uuid;
+    private final String name;
+    private final InetAddress ip;
+    @Setter
+    private boolean alertsEnabled;
+
+    private static final Cache<String, CheckResult> checkResultCache = Caffeine.newBuilder()
+            .expireAfterWrite(5, TimeUnit.MINUTES)
+            .maximumSize(2000)
+            .build();
+
+    public APIPlayer(UUID uuid, String name, InetAddress ip) {
+        this.uuid = uuid;
+        this.name = name;
+        this.ip = ip;
+    }
+
+    public abstract void sendMessage(String message);
+
+    public abstract void kickPlayer(String reason);
+
+    public abstract boolean hasPermission(String permission);
+
+    public void updateAlertsState() {
+        //Updating into database so its synced across servers and saved on logout.
+        AntiVPN.getInstance().getDatabase().updateAlertsState(uuid, alertsEnabled);
+
+        sendMessage(AntiVPN.getInstance().getMessageHandler()
+                .getString("command-alerts-toggled")
+                .getFormattedMessage(new VpnString.Var<>("state", alertsEnabled)));
+    }
+
+    public void checkAlertsState() {
+        AntiVPN.getInstance().getExecutor().getThreadExecutor().execute(() ->
+                AntiVPN.getInstance().getDatabase().alertsState(uuid, state -> {
+                    if(state) {
+                        alertsEnabled = true;
+                        updateAlertsState();
+                    }
+                })
+        );
+    }
+
+    public void checkPlayer(Consumer<CheckResult> onResult) {
+        if (hasPermission("antivpn.bypass") //Has bypass permission
+                //Is exempt
+                || (uuid != null && AntiVPN.getInstance().getExecutor().isWhitelisted(uuid))
+                //Or has a name that starts with a certain prefix. This is for Bedrock exempting.
+                || AntiVPN.getInstance().getExecutor().isWhitelisted(ip.getHostAddress() + "/32")
+                || AntiVPN.getInstance().getVpnConfig().getPrefixWhitelists().stream()
+                .anyMatch(name::startsWith)) {
+            onResult.accept(new CheckResult(null, ResultType.WHITELISTED, false));
+            return;
+        }
+
+        CheckResult cachedResult = checkResultCache.getIfPresent(ip.getHostAddress());
+
+        if(cachedResult != null) {
+            if(cachedResult.response().getIp().equals(ip.getHostAddress())) {
+                AntiVPN.getInstance().getExecutor().log(Level.FINE, "Cached result for " + ip.getHostAddress() + " is " + cachedResult.resultType());
+                if(cachedResult.resultType().isShouldBlock()) {
+                    AntiVPN.getInstance().getExecutor().handleKickingOfPlayer(cachedResult, this);
+                }
+                onResult.accept(cachedResult);
+                return;
+            }
+        }
+
+        AntiVPN.getInstance().getExecutor().checkIp(ip.getHostAddress())
+                .thenAccept(result -> {
+                    if(!result.isSuccess()) {
+                        AntiVPN.getInstance().getExecutor().log(Level.WARNING, "The API query was not a success! " +
+                                "You may need to upgrade your license on " +
+                                "https://funkemunky.cc/shop");
+                        onResult.accept(new CheckResult(null, ResultType.API_FAILURE, false));
+                        return;
+                    }
+                    // If the countryList() size is zero, no need to check.
+                    // Running country check first
+                    CheckResult checkResult;
+                    if (!AntiVPN.getInstance().getVpnConfig().getCountryList().isEmpty()
+                            && !((uuid != null && AntiVPN.getInstance().getExecutor()
+                            .isWhitelisted(uuid))
+                            //Or has a name that starts with a certain prefix. This is for Bedrock exempting.
+                            || AntiVPN.getInstance().getExecutor().isWhitelisted(ip.getHostAddress() + "/32"))
+                            // This bit of code will decide whether or not to kick the player
+                            // If it contains the code and it is set to whitelist, it will not kick
+                            // as they are equal and vise versa. However, if the contains does not match
+                            // the state, it will kick.
+                            && AntiVPN.getInstance().getVpnConfig().getCountryList()
+                            .contains(result.getCountryCode())
+                            != AntiVPN.getInstance().getVpnConfig().getWhitelistCountries()) {
+                        //Using our built in kicking system if no commands are configured
+                        checkResult = new CheckResult(result, ResultType.DENIED_COUNTRY, false);
+                    } else if (result.isProxy()) {
+                        checkResult = new CheckResult(result, ResultType.DENIED_PROXY, false);
+                    } else {
+                        checkResult = new CheckResult(result, ResultType.ALLOWED, false);
+                    }
+
+                    AntiVPN.getInstance().getExecutor().log(Level.FINE, "Result for " + ip.getHostAddress() + " is " + checkResult.resultType());
+
+                    checkResultCache.put(ip.getHostAddress(), new CheckResult(checkResult.response(), checkResult.resultType(), true));
+                    if(checkResult.resultType().isShouldBlock()) {
+                        AntiVPN.getInstance().getExecutor().handleKickingOfPlayer(checkResult, this);
+                    }
+                    onResult.accept(checkResult);
+                    AntiVPN.getInstance().checked++;
+                });
+        onResult.accept(new CheckResult(null, ResultType.UNKNOWN, false));
+    }
+}
@@ -0,0 +1,22 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.api;
+
+import dev.brighten.antivpn.web.objects.VPNResponse;
+
+public record CheckResult(VPNResponse response, ResultType resultType, boolean isFromCache) {
+}
@@ -0,0 +1,42 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.api;
+
+import java.net.InetAddress;
+import java.util.UUID;
+
+public class OfflinePlayer extends APIPlayer {
+
+    public OfflinePlayer(UUID uuid, String name, InetAddress ip) {
+        super(uuid, name, ip);
+    }
+
+    @Override
+    public void sendMessage(String message) {
+
+    }
+
+    @Override
+    public void kickPlayer(String reason) {
+
+    }
+
+    @Override
+    public boolean hasPermission(String permission) {
+        return false;
+    }
+}
@@ -0,0 +1,32 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.api;
+
+import java.util.List;
+import java.util.Optional;
+import java.util.UUID;
+
+public interface PlayerExecutor {
+
+    Optional<APIPlayer> getPlayer(String name);
+
+    Optional<APIPlayer> getPlayer(UUID uuid);
+
+    void unloadPlayer(UUID uuid);
+
+    List<APIPlayer> getOnlinePlayers();
+}
@@ -0,0 +1,35 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.api;
+
+import lombok.Getter;
+
+public enum ResultType {
+    ALLOWED(false),
+    WHITELISTED(false),
+    DENIED_COUNTRY(true),
+    DENIED_PROXY(true),
+    API_FAILURE(false),
+    UNKNOWN(false);
+
+    @Getter
+    private final boolean shouldBlock;
+
+    ResultType(boolean shouldBlock) {
+        this.shouldBlock = shouldBlock;
+    }
+}
@@ -0,0 +1,225 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.api;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.utils.ConfigDefault;
+import lombok.Getter;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+public class VPNConfig {
+    private final ConfigDefault<String> licenseDefault = new ConfigDefault<>("",
+            "license", AntiVPN.getInstance()), kickStringDefault =
+            new ConfigDefault<>("Proxies are not allowed on our server",
+                    "kickMessage", AntiVPN.getInstance()),
+            defaultDatabaseType = new ConfigDefault<>("H2",
+                    "database.type", AntiVPN.getInstance()),
+            defaultDatabaseName = new ConfigDefault<>("kaurivpn",
+                    "database.database", AntiVPN.getInstance()),
+            defaultMongoURL = new ConfigDefault<>("", "database.mongoURL", AntiVPN.getInstance()),
+            defaultUsername = new ConfigDefault<>("root",
+                    "database.username", AntiVPN.getInstance()),
+            defaultPassword = new ConfigDefault<>("password",
+                    "database.password", AntiVPN.getInstance()),
+            defaultCountryKickReason = new ConfigDefault<>(
+                    "&cSorry, but our server does not allow connections from\n&f%country%",
+                    "countries.vanillaKickReason", AntiVPN.getInstance()),
+            defaultIp = new ConfigDefault<>("localhost", "database.ip", AntiVPN.getInstance()),
+            defaultAlertMsg = new ConfigDefault<>("&8[&6KauriVPN&8] &e%player% &7has joined on a VPN/proxy" +
+                    " &8(&f%reason%&8) &7in location &8(&f%city%&7, &f%country%&8)", "alerts.message",
+                    AntiVPN.getInstance());
+    private final ConfigDefault<Boolean> cacheResultsDefault = new ConfigDefault<>(true,
+            "cachedResults", AntiVPN.getInstance()),
+            defaultUseCredentials = new ConfigDefault<>(true,
+                    "database.useCredentials", AntiVPN.getInstance()),
+            defaultDatabaseEnabled = new ConfigDefault<>(false, "database.enabled",
+                    AntiVPN.getInstance()), defaultCommandsEnable = new ConfigDefault<>(false,
+            "commands.enabled", AntiVPN.getInstance()), defaultKickPlayers
+            = new ConfigDefault<>(true, "kickPlayers", AntiVPN.getInstance()),
+            defaultAlertToStaff = new ConfigDefault<>(true, "alerts.enabled",
+                    AntiVPN.getInstance()),
+            defaultWhitelistCountries = new ConfigDefault<>(true, "countries.whitelist",
+                    AntiVPN.getInstance()),
+            defaultMetrics = new ConfigDefault<>(true, "bstats", AntiVPN.getInstance());
+    private final ConfigDefault<Integer>
+            defaultPort = new ConfigDefault<>(-1, "database.port", AntiVPN.getInstance());
+    private final ConfigDefault<List<String>> prefixWhitelistsDefault = new ConfigDefault<>(new ArrayList<>(),
+            "prefixWhitelists", AntiVPN.getInstance()), defaultCommands = new ConfigDefault<>(
+            Collections.singletonList("kick %player% VPNs are not allowed on our server!"), "commands.execute",
+            AntiVPN.getInstance()),
+            defCountryKickCommands = new ConfigDefault<>(Collections.emptyList(),
+                    "countries.commands", AntiVPN.getInstance()),
+            defCountrylist = new ConfigDefault<>(new ArrayList<>(), "countries.list",
+                    AntiVPN.getInstance());
+
+    @Getter
+    private String license;
+    @Getter
+    private String kickMessage;
+    @Getter
+    private String databaseType;
+    @Getter
+    private String databaseName;
+    private String mongoURL;
+    @Getter
+    private String username;
+    @Getter
+    private String password;
+    @Getter
+    private String ip;
+    @Getter
+    private String alertMsg;
+    @Getter
+    private String countryVanillaKickReason;
+    @Getter
+    private List<String> prefixWhitelists;
+    private List<String> commands;
+    @Getter
+    private List<String> countryList;
+    private List<String> countryKickCommands;
+    private int port;
+    private boolean cacheResults;
+    @Getter
+    private boolean databaseEnabled;
+    private boolean useCredentials;
+    @Getter
+    private boolean commandsEnabled;
+    @Getter
+    private boolean kickPlayers;
+    private boolean alertToStaff;
+    private boolean metrics;
+    private boolean whitelistCountries;
+
+    /**
+     * If true, results will be cached to reduce queries to <a href="https://funkemunky.cc">...</a>
+     * @return boolean
+     */
+    public boolean cachedResults() {
+        return cacheResults;
+    }
+
+    /**
+     * If true, staff will be alerted on proxy detection.
+     * @return boolean
+     */
+    public boolean isAlertToSTaff() {
+        return alertToStaff;
+    }
+
+    /**
+     * Commands to run on proxy detection.
+     * @return List
+     */
+    public List<String> commands() {
+        return commands;
+    }
+
+    /**
+     * Whether or not the database we want to connect to requires credentials.
+     * @return boolean
+     */
+    public boolean useDatabaseCreds() {
+        return useCredentials;
+    }
+
+    /**
+     * Only for Mongo only. URL used for connecting to database. Overrides other fields
+     * @return String
+     */
+    public String mongoDatabaseURL() {
+        return mongoURL;
+    }
+
+    /**
+     * If true, we only allow the {@link VPNConfig#countryKickCommands()}. If false, we blacklist them.
+     * @return boolean
+     */
+    public boolean getWhitelistCountries() {
+        return whitelistCountries;
+    }
+
+    /**
+     * Returns our configured commands to run on player country detection.
+     * @return List
+     */
+    public List<String> countryKickCommands() {
+        return countryKickCommands;
+    }
+
+    /**
+     * Gets the port based on configuration. If {@link VPNConfig#port} is -1, will get default port
+     * based on {@link VPNConfig#getDatabaseType()} lowerCase().
+     * @return int
+     */
+    public int getPort() {
+        if(port == -1) {
+            switch (getDatabaseType().toLowerCase()) {
+                case "mongodb":
+                case "mongo":
+                case "mongod":
+                    return 27017;
+                case "sql":
+                case "mysql":
+                    return 3306;
+            }
+        }
+
+        return port;
+    }
+
+
+    /**
+     * If true, <a href="https://bstats.org">...</a> metrics will be collected to improve KauriVPN.
+     * @return boolean
+     */
+    public boolean metrics() {
+        return metrics;
+    }
+
+    /**
+     * Grabs all information from the config.yml
+     */
+    public void update() {
+        license = licenseDefault.get();
+        kickMessage = kickStringDefault.get();
+        cacheResults = cacheResultsDefault.get();
+        prefixWhitelists = prefixWhitelistsDefault.get();
+        databaseEnabled = defaultDatabaseEnabled.get();
+        useCredentials = defaultUseCredentials.get();
+        databaseType = defaultDatabaseType.get();
+        databaseName = defaultDatabaseName.get();
+        mongoURL = defaultMongoURL.get();
+        username = defaultUsername.get();
+        password = defaultPassword.get();
+        ip = defaultIp.get();
+        port = defaultPort.get();
+        commandsEnabled = defaultCommandsEnable.get();
+        commands = defaultCommands.get();
+        kickPlayers = defaultKickPlayers.get();
+        alertToStaff = defaultAlertToStaff.get();
+        alertMsg = defaultAlertMsg.get();
+        metrics = defaultMetrics.get();
+        countryList = defCountrylist.get();
+        whitelistCountries = defaultWhitelistCountries.get();
+        countryKickCommands = defCountryKickCommands.get();
+        countryVanillaKickReason = defaultCountryKickReason.get();
+    }
+
+}
@@ -0,0 +1,190 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.api;
+
+import com.github.benmanes.caffeine.cache.Cache;
+import com.github.benmanes.caffeine.cache.Caffeine;
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.utils.CIDRUtils;
+import dev.brighten.antivpn.utils.StringUtil;
+import dev.brighten.antivpn.utils.Tuple;
+import dev.brighten.antivpn.utils.json.JSONException;
+import dev.brighten.antivpn.web.FunkemunkyAPI;
+import dev.brighten.antivpn.web.objects.VPNResponse;
+import lombok.Getter;
+
+import java.io.IOException;
+import java.net.UnknownHostException;
+import java.util.*;
+import java.util.concurrent.*;
+import java.util.logging.Level;
+
+@Getter
+public abstract class VPNExecutor {
+    private final ScheduledExecutorService threadExecutor = Executors.newScheduledThreadPool(2);
+    private final Set<UUID> whitelisted = Collections.synchronizedSet(new HashSet<>());
+    private final Set<CIDRUtils> whitelistedIps = Collections.synchronizedSet(new HashSet<>());
+    private final Queue<Tuple<CheckResult, UUID>> toKick = new LinkedBlockingQueue<>();
+    private final Queue<APIPlayer> playersToRecheck = new LinkedBlockingQueue<>();
+    private ScheduledFuture<?> kickTask = null;
+
+
+    public abstract void registerListeners();
+
+    public abstract void log(Level level, String log, Object... objects);
+
+    public abstract void log(String log, Object... objects);
+
+    public abstract void logException(String message, Throwable ex);
+
+    public abstract void runCommand(String command);
+
+    public void logException(Throwable ex) {
+        logException("An exception occurred: " + ex.getMessage(), ex);
+    }
+
+    public void startKickChecks() {
+        kickTask = threadExecutor.scheduleAtFixedRate(() -> {
+            synchronized (toKick) {
+                if(toKick.isEmpty()) return;
+
+                Tuple<CheckResult, UUID> toCheck;
+
+                while((toCheck = toKick.poll()) != null) {
+                    Optional<APIPlayer> player = AntiVPN.getInstance().getPlayerExecutor().getPlayer(toCheck.second());
+
+                    if(player.isEmpty()) {
+                        continue;
+                    }
+
+                    handleKickingOfPlayer(toCheck.first(), player.get());
+                }
+            }
+        }, 8, 2, TimeUnit.SECONDS);
+    }
+
+    public void handleKickingOfPlayer(CheckResult result, APIPlayer player) {
+
+        //Ensuring kick task is always running
+        if(kickTask == null || kickTask.isDone() || kickTask.isCancelled()) {
+            startKickChecks();
+        }
+
+        if (AntiVPN.getInstance().getVpnConfig().isAlertToSTaff()) AntiVPN.getInstance().getPlayerExecutor()
+                .getOnlinePlayers()
+                .stream()
+                .filter(APIPlayer::isAlertsEnabled)
+                .forEach(pl ->
+                        pl.sendMessage(StringUtil.translateAlternateColorCodes('&',
+                                StringUtil.varReplace(dev.brighten.antivpn.AntiVPN.getInstance().getVpnConfig()
+                                        .getAlertMsg(), player, result.response()))));
+
+        if(AntiVPN.getInstance().getVpnConfig().isKickPlayers()) {
+            switch (result.resultType()) {
+                case DENIED_PROXY -> player.kickPlayer(StringUtil.varReplace(AntiVPN.getInstance().getVpnConfig()
+                        .getKickMessage(), player, result.response()));
+                case DENIED_COUNTRY -> player.kickPlayer(StringUtil.varReplace(AntiVPN.getInstance().getVpnConfig()
+                        .getCountryVanillaKickReason(), player, result.response()));
+            }
+        } else {
+            if(!AntiVPN.getInstance().getVpnConfig().isCommandsEnabled()) return;
+        }
+
+        Runnable runCommands = () -> {
+            switch (result.resultType()) {
+                case DENIED_PROXY -> {
+                    for (String command : AntiVPN.getInstance().getVpnConfig().commands()) {
+                        runCommand(StringUtil.varReplace(command, player, result.response()));
+                    }
+                }
+                case DENIED_COUNTRY -> {
+                    for (String command : AntiVPN.getInstance().getVpnConfig().countryKickCommands()) {
+                        runCommand(StringUtil.varReplace(command, player, result.response()));
+                    }
+                }
+            }
+        };
+
+        // Fixes the commands running too fast and causing messaging errors by any downstream plugins like LiteBans
+        var scheduleResult = threadExecutor.schedule(runCommands, 1, TimeUnit.SECONDS);
+
+        if(scheduleResult.isCancelled()) {
+            runCommands.run();
+        }
+
+        //Ensuring players are actually kicked as they are supposed to be.
+        toKick.add(new Tuple<>(result, player.getUuid()));
+    }
+
+    public boolean isWhitelisted(UUID uuid) {
+        if(AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled()) {
+            return AntiVPN.getInstance().getDatabase().isWhitelisted(uuid);
+        }
+        return whitelisted.contains(uuid);
+    }
+
+    public boolean isWhitelisted(String cidr) {
+        if(AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled()) {
+            return AntiVPN.getInstance().getDatabase().isWhitelisted(cidr);
+        }
+        try {
+            return whitelistedIps.contains(new CIDRUtils(cidr));
+        } catch (UnknownHostException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    private final Cache<String, VPNResponse> cachedResponses = Caffeine.newBuilder()
+            .expireAfterWrite(20, TimeUnit.MINUTES)
+            .maximumSize(4000)
+            .build();
+
+    public CompletableFuture<VPNResponse> checkIp(String ip) {
+        VPNResponse cached = cachedResponses.getIfPresent(ip);
+
+        if(cached != null) {
+            return CompletableFuture.completedFuture(cached);
+        }
+
+        return CompletableFuture.supplyAsync(() -> {
+            Optional<VPNResponse> cachedRes = AntiVPN.getInstance().getDatabase().getStoredResponse(ip);
+
+            if(cachedRes.isPresent()) {
+                return cachedRes.get();
+            }
+            else {
+                try {
+                    VPNResponse response = FunkemunkyAPI
+                            .getVPNResponse(ip, AntiVPN.getInstance().getVpnConfig().getLicense(), true);
+
+                    if (response.isSuccess()) {
+                        AntiVPN.getInstance().getDatabase().cacheResponse(response);
+                    } else {
+                        log("Query to VPN API failed! Reason: " + response.getFailureReason());
+                    }
+
+                    return response;
+                } catch (JSONException | IOException e) {
+                    log("Query to VPN API failed! Reason: " + e.getMessage());
+                    return VPNResponse.FAILED_RESPONSE;
+                }
+            }
+        }, threadExecutor);
+    }
+
+    public abstract void disablePlugin();
+}
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.command;
+
+import java.util.List;
+
+public abstract class Command {
+
+    public abstract String permission();
+
+    public abstract String name();
+
+    public abstract String[] aliases();
+
+    public abstract String description();
+
+    public abstract String usage();
+
+    public abstract String parent();
+
+    public abstract Command[] children();
+    
+    public abstract String execute(CommandExecutor executor, String[] args);
+
+    public abstract List<String> tabComplete(CommandExecutor executor, String alias, String[] args);
+}
@@ -0,0 +1,30 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.command;
+
+import dev.brighten.antivpn.api.APIPlayer;
+
+import java.util.Optional;
+
+public interface CommandExecutor {
+
+    void sendMessage(String message, Object... objects);
+    boolean hasPermission(String permission);
+    Optional<APIPlayer> getPlayer();
+    boolean isPlayer();
+
+}
@@ -0,0 +1,84 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.command.impl;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.api.APIPlayer;
+import dev.brighten.antivpn.command.Command;
+import dev.brighten.antivpn.command.CommandExecutor;
+import dev.brighten.antivpn.message.VpnString;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Optional;
+
+public class AlertsCommand extends Command {
+    @Override
+    public String permission() {
+        return "antivpn.command.alerts";
+    }
+
+    @Override
+    public String name() {
+        return "alerts";
+    }
+
+    @Override
+    public String[] aliases() {
+        return new String[] {"valerts", "vpnalerts"};
+    }
+
+    @Override
+    public String description() {
+        return "toggle VPN use alerts";
+    }
+
+    @Override
+    public String usage() {
+        return "";
+    }
+
+    @Override
+    public String parent() {
+        return "antivpn";
+    }
+
+    @Override
+    public Command[] children() {
+        return new Command[0];
+    }
+
+    @Override
+    public String execute(CommandExecutor executor, String[] args) {
+        Optional<APIPlayer> pgetter = executor.getPlayer();
+        if(!pgetter.isPresent()) return AntiVPN.getInstance().getMessageHandler()
+                .getString("command-misc-playerRequired").getMessage();
+
+        APIPlayer player = pgetter.get();
+
+        player.setAlertsEnabled(!player.isAlertsEnabled());
+        player.updateAlertsState();
+
+        return AntiVPN.getInstance().getMessageHandler().getString("command-alerts-toggled")
+                .getFormattedMessage(new VpnString.Var<>("state", player.isAlertsEnabled()));
+    }
+
+    @Override
+    public List<String> tabComplete(CommandExecutor executor, String alias, String[] args) {
+        return Collections.emptyList();
+    }
+}
@@ -0,0 +1,336 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.command.impl;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.api.APIPlayer;
+import dev.brighten.antivpn.command.Command;
+import dev.brighten.antivpn.command.CommandExecutor;
+import dev.brighten.antivpn.utils.CIDRUtils;
+import dev.brighten.antivpn.utils.MiscUtils;
+
+import java.net.UnknownHostException;
+import java.util.*;
+import java.util.stream.Collectors;
+
+public class AllowlistCommand extends Command {
+
+    private static final String[] secondArgs = new String[] {"add", "remove", "show", "search"};
+
+    @Override
+    public String permission() {
+        return "antivpn.command.allowlist";
+    }
+
+    @Override
+    public String name() {
+        return "allowlist";
+    }
+
+    @Override
+    public String[] aliases() {
+        return new String[] {"whitelist"};
+    }
+
+    @Override
+    public String description() {
+        return "Add/remove players to/from exemption list.";
+    }
+
+    @Override
+    public String usage() {
+        return "<add <player/uuid/ip> | remove <player/uuid/ip> | show [page] | search <query> [page]>";
+    }
+
+    @Override
+    public String parent() {
+        return "antivpn";
+    }
+
+    @Override
+    public Command[] children() {
+        return new Command[0];
+    }
+
+    @Override
+    public String execute(CommandExecutor executor, String[] args) {
+        if(args.length == 0 || Arrays.stream(secondArgs).noneMatch(arg -> arg.equalsIgnoreCase(args[0]))) {
+            return "&cUsage: /antivpn allowlist " + usage();
+        }
+
+        if(args[0].equalsIgnoreCase("show")) {
+            // args[1] = optional page number (defaults to 1)
+            int page = 1;
+            if (args.length > 1) {
+                try {
+                    page = Integer.parseInt(args[1]);
+                    if (page < 1) page = 1;
+                } catch (NumberFormatException e) {
+                    return "&cUsage: /antivpn allowlist show [page]";
+                }
+            }
+
+            boolean databaseEnabled = AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled();
+
+            List<UUID> uuids = databaseEnabled
+                    ? AntiVPN.getInstance().getDatabase().getAllWhitelisted()
+                    : new ArrayList<>(AntiVPN.getInstance().getExecutor().getWhitelisted());
+            List<CIDRUtils> ips = databaseEnabled
+                    ? AntiVPN.getInstance().getDatabase().getAllWhitelistedIps()
+                    : new ArrayList<>(AntiVPN.getInstance().getExecutor().getWhitelistedIps());
+
+            List<String> entries = new ArrayList<>();
+            for (UUID uuid : uuids) {
+                entries.add("&7- &fUUID: &e" + uuid);
+            }
+            for (CIDRUtils cidr : ips) {
+                entries.add("&7- &fIP: &e" + cidr.getCidr());
+            }
+
+            return buildPage(entries, page, null, "show");
+        }
+
+        if(args[0].equalsIgnoreCase("search")) {
+            // args[1..n-1] = query terms; args[n] = optional page number if last arg is an integer
+            if (args.length < 2) {
+                return "&cUsage: /antivpn allowlist search <query> [page]";
+            }
+
+            // Detect optional trailing page number
+            int page = 1;
+            int queryEnd = args.length;
+            try {
+                int candidate = Integer.parseInt(args[args.length - 1]);
+                if (candidate >= 1 && args.length > 2) {
+                    page = candidate;
+                    queryEnd = args.length - 1;
+                }
+            } catch (NumberFormatException ignored) {}
+
+            String search = String.join(" ", Arrays.copyOfRange(args, 1, queryEnd)).toLowerCase();
+            // Strip color code characters to prevent formatting injection in output
+            String safeSearch = search.replace("&", "");
+
+            if (safeSearch.isEmpty()) {
+                return "&cUsage: /antivpn allowlist search <query> [page]";
+            }
+
+            boolean databaseEnabled = AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled();
+
+            List<UUID> uuids = databaseEnabled
+                    ? AntiVPN.getInstance().getDatabase().getAllWhitelisted()
+                    : new ArrayList<>(AntiVPN.getInstance().getExecutor().getWhitelisted());
+            List<CIDRUtils> ips = databaseEnabled
+                    ? AntiVPN.getInstance().getDatabase().getAllWhitelistedIps()
+                    : new ArrayList<>(AntiVPN.getInstance().getExecutor().getWhitelistedIps());
+
+            List<String> entries = new ArrayList<>();
+            for (UUID uuid : uuids) {
+                String entry = uuid.toString();
+                if (entry.toLowerCase().contains(search)) {
+                    entries.add("&7- &fUUID: &e" + entry);
+                }
+            }
+            for (CIDRUtils cidr : ips) {
+                String entry = cidr.getCidr();
+                if (entry.toLowerCase().contains(search)) {
+                    entries.add("&7- &fIP: &e" + entry);
+                }
+            }
+
+            return buildPage(entries, page, safeSearch, "search " + safeSearch);
+        }
+
+        if(args.length == 1)
+            return "&cYou have to provide a player to allow or deny exemption.";
+
+        boolean databaseEnabled = AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled();
+
+        if(!databaseEnabled) executor.sendMessage("&cThe database is currently not setup, " +
+                "so any changes here will disappear after a restart.");
+
+        CIDRUtils cidrUtils;
+
+        try {
+            cidrUtils = new CIDRUtils(args[1]);
+        } catch(IllegalArgumentException | UnknownHostException e) {
+            cidrUtils = null;
+        }
+
+        if(cidrUtils != null) {
+            if(!databaseEnabled) {
+                return switch (args[0].toLowerCase()) {
+                    case "add", "insert" -> {
+                        AntiVPN.getInstance().getExecutor().getWhitelistedIps().add(cidrUtils);
+                        yield String.format("&aAdded &6%s &ato exemption allowlist.", cidrUtils.getCidr());
+                    }
+                    case "remove", "delete" -> {
+                        AntiVPN.getInstance().getExecutor().getWhitelistedIps().remove(cidrUtils);
+                        yield String.format("&cRemoved &%s &cfrom the exemption allowlist.", cidrUtils.getCidr());
+                    }
+                    default -> "&c\"" + args[0] + "\" is not a valid argument";
+                };
+            } else return switch (args[0].toLowerCase()) {
+                case "add", "insert" -> {
+                    AntiVPN.getInstance().getExecutor().getWhitelistedIps().add(cidrUtils);
+                    AntiVPN.getInstance().getDatabase().addWhitelist(cidrUtils);
+                    yield String.format("&aAdded &6%s &ato exemption allowlist.", cidrUtils.getCidr());
+                }
+                case "remove", "delete" -> {
+                    AntiVPN.getInstance().getExecutor().getWhitelistedIps().remove(cidrUtils);
+                    AntiVPN.getInstance().getDatabase().removeWhitelist(cidrUtils);
+                    yield String.format("&cRemoved &6%s &cfrom the exemption allowlist.", cidrUtils.getCidr());
+                }
+                default -> "&c\"" + args[0] + "\" is not a valid argument";
+            };
+        }
+        if(MiscUtils.isIpv4(args[1])) {
+            if(!databaseEnabled) {
+                try {
+                    return switch(args[0].toLowerCase()) {
+                        case "add", "insert" -> {
+                            AntiVPN.getInstance().getExecutor().getWhitelistedIps().add(new CIDRUtils(args[1] + "/32"));
+                            AntiVPN.getInstance().getDatabase().addWhitelist(new CIDRUtils(args[1] + "/32"));
+                            yield String.format("&aAdded &6%s &ato the exemption allowlist.", args[1] + "/32");
+                        }
+                        case "remove", "delete" -> {
+                            AntiVPN.getInstance().getExecutor().getWhitelistedIps().remove(new CIDRUtils(args[1] + "/32"));
+                            AntiVPN.getInstance().getDatabase().removeWhitelist(new CIDRUtils(args[1] + "/32"));
+                            yield String.format("&cRemoved &6%s &cfrom the exemption allowlist.", args[1] + "/32");
+                        }
+                        default -> "&c\"" + args[0] + "\" is not a valid argument";
+                    };
+                } catch (UnknownHostException e) {
+                    AntiVPN.getInstance().getExecutor().logException("Invalid IP format for allowlist command", e);
+                    return "&cInvalid IP format for allowlist command";
+                }
+            } else {
+                try {
+                    return switch (args[0].toLowerCase()) {
+                        case "add", "insert" -> {
+                            AntiVPN.getInstance().getDatabase().addWhitelist(new CIDRUtils(args[1] + "/32"));
+                            yield String.format("&aAdded &6%s &a to the exemption allowlist.", args[1] + "/32");
+                        }
+                        case "remove", "delete" -> {
+                            AntiVPN.getInstance().getDatabase().removeWhitelist(new CIDRUtils(args[1] + "/32"));
+                            yield String.format("&cRemoved &6%s &c from the exemption allowlist.", args[1] + "/32");
+                        }
+                        default -> "&c\"" + args[0] + "\" is not a valid argument";
+                    };
+                } catch (UnknownHostException e) {
+                    AntiVPN.getInstance().getExecutor().logException("Invalid IP format for allowlist command", e);
+                    return "&cInvalid IP format for allowlist command";
+                }
+            }
+        } else {
+            UUID uuid;
+            try {
+                uuid = UUID.fromString(args[1]);
+            } catch(IllegalArgumentException e) {
+                Optional<APIPlayer> player = AntiVPN.getInstance().getPlayerExecutor().getPlayer(args[1]);
+                if (player.isPresent()) {
+                    uuid = player.get().getUuid();
+                } else {
+                    uuid = MiscUtils.lookupUUID(args[1]);
+                    if (uuid == null) {
+                        return "&cCould not find a UUID for \"" + args[1] + "\". They might not have provided a valid username.";
+                    }
+                }
+            }
+
+            if(!databaseEnabled) {
+                return switch (args[0].toLowerCase()) {
+                    case "add" -> {
+                        AntiVPN.getInstance().getExecutor().getWhitelisted().add(uuid);
+                        yield String.format("&aAdded &6%s &auuid to the exemption allowlist.", uuid.toString());
+                    }
+                    case "remove", "delete" -> {
+                        AntiVPN.getInstance().getExecutor().getWhitelisted().remove(uuid);
+                        yield String.format("&cRemoved &6%s &cuuid from the exemption allowlist.", uuid.toString());
+                    }
+                    default -> "&c\"" + args[0] + "\" is not a valid argument";
+                };
+            } else {
+                return switch (args[0].toLowerCase()) {
+                    case "add" -> {
+                        AntiVPN.getInstance().getDatabase().addWhitelist(uuid);
+                        yield String.format("&aAdded &6%s &auuid to the exemption allowlist.", uuid.toString());
+                    }
+                    case "remove", "delete" -> {
+                        AntiVPN.getInstance().getDatabase().removeWhitelist(uuid);
+                        yield String.format("&cRemoved &6%s &cuuid from the exemption allowlist.", uuid.toString());
+                    }
+                    default -> "&c\"" + args[0] + "\" is not a valid argument";
+                };
+            }
+        }
+    }
+
+    @Override
+    public List<String> tabComplete(CommandExecutor executor, String alias, String[] args) {
+        return switch (args.length) {
+            case 1 -> Arrays.stream(secondArgs)
+                    .filter(narg -> narg.toLowerCase().startsWith(args[0].toLowerCase()))
+                    .collect(Collectors.toList());
+            case 2 -> {
+                if (args[0].equalsIgnoreCase("show") || args[0].equalsIgnoreCase("search")) {
+                    yield Collections.emptyList();
+                }
+                yield AntiVPN.getInstance().getPlayerExecutor().getOnlinePlayers().stream()
+                        .map(APIPlayer::getName)
+                        .filter(name -> name.toLowerCase().startsWith(args[1].toLowerCase()))
+                        .collect(Collectors.toList());
+            }
+            default -> Collections.emptyList();
+        };
+    }
+
+    private String buildPage(List<String> entries, int page, String safeSearch, String subcommandPrefix) {
+        int pageSize = 10;
+        int totalPages = Math.max(1, (entries.size() + pageSize - 1) / pageSize);
+        if (page > totalPages) page = totalPages;
+
+        List<String> messages = new ArrayList<>();
+        messages.add("&8&m-----------------------------------------------------");
+        messages.add("&6&lAllowlist Entries &8(&7Page &f" + page + "&7/&f" + totalPages + "&8)"
+                + (safeSearch != null ? " &7(search: &f" + safeSearch + "&7)" : ""));
+        messages.add("");
+
+        if (entries.isEmpty()) {
+            messages.add(safeSearch != null
+                    ? "&cNo allowlist entries matching &f\"" + safeSearch + "&c\" were found."
+                    : "&cThe allowlist is empty.");
+        } else {
+            int start = (page - 1) * pageSize;
+            int end = Math.min(start + pageSize, entries.size());
+            for (int i = start; i < end; i++) {
+                messages.add(entries.get(i));
+            }
+            if (totalPages > 1) {
+                messages.add("");
+                if (page > 1) {
+                    messages.add("&7Previous page: &f/antivpn allowlist " + subcommandPrefix + " " + (page - 1));
+                }
+                if (page < totalPages) {
+                    messages.add("&7Next page: &f/antivpn allowlist " + subcommandPrefix + " " + (page + 1));
+                }
+            }
+        }
+        messages.add("&8&m-----------------------------------------------------");
+        return String.join("\n", messages);
+    }
+}
@@ -0,0 +1,100 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.command.impl;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.command.Command;
+import dev.brighten.antivpn.command.CommandExecutor;
+import dev.brighten.antivpn.utils.StringUtil;
+
+import java.util.ArrayList;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.List;
+import java.util.stream.Collectors;
+
+public class AntiVPNCommand extends Command {
+    @Override
+    public String permission() {
+        return "antivpn.command";
+    }
+
+    @Override
+    public String name() {
+        return "antivpn";
+    }
+
+    @Override
+    public String[] aliases() {
+        return new String[] {"kaurivpn", "kvpn", "vpn", "avpn"};
+    }
+
+    @Override
+    public String description() {
+        return "The main help command";
+    }
+
+    @Override
+    public String usage() {
+        return "";
+    }
+
+    @Override
+    public String parent() {
+        return "";
+    }
+
+    @Override
+    public Command[] children() {
+        return new Command[] {new LookupCommand(), new AllowlistCommand(), new AlertsCommand(),
+                new ClearCacheCommand(), new PlanCommand(), new ReloadCommand()};
+    }
+
+    @Override
+    public String execute(CommandExecutor uuid, String[] args) {
+        List<String> messages = new ArrayList<>();
+
+        messages.add(StringUtil.line("&8"));
+        messages.add("&6&lAntiVPN Help Page");
+        messages.add("");
+        for (Command cmd : AntiVPN.getInstance().getCommands()) {
+            messages.add(String.format("&8/&f%s &8- &7&o%s", "&7" + cmd.parent()
+                    + (cmd.parent().length() > 0 ? " " : "") + "&f" + cmd.name() + " &7"
+                            + cmd.usage(), cmd.description()));
+        }
+        for (Command child : children()) {
+            messages.add(String.format("&8/&f%s &8- &7&o%s", "&7" + child.parent()
+                    + (child.parent().length() > 0 ? " " : "") + "&f" + child.name() + " &7"
+                    + child.usage(), child.description()));
+        }
+
+        messages.add(StringUtil.line("&8"));
+
+        return String.join("\n", messages);
+    }
+
+    @Override
+    public List<String> tabComplete(CommandExecutor executor, String alias, String[] args) {
+        if(args.length == 1)
+        return Arrays.stream(children())
+                .map(Command::name)
+                .filter(name -> name.toLowerCase().startsWith(args[0].toLowerCase()))
+                .collect(Collectors.toList());
+
+        return Collections.emptyList();
+    }
+}
@@ -0,0 +1,73 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.command.impl;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.api.VPNExecutor;
+import dev.brighten.antivpn.command.Command;
+import dev.brighten.antivpn.command.CommandExecutor;
+
+import java.util.Collections;
+import java.util.List;
+
+public class ClearCacheCommand extends Command {
+    @Override
+    public String permission() {
+        return "antivpn.command.clearcache";
+    }
+
+    @Override
+    public String name() {
+        return "clearcache";
+    }
+
+    @Override
+    public String[] aliases() {
+        return new String[] {"clear", "cc"};
+    }
+
+    @Override
+    public String description() {
+        return "Clear the API response cache if you're having problems.";
+    }
+
+    @Override
+    public String usage() {
+        return "";
+    }
+
+    @Override
+    public String parent() {
+        return "antivpn";
+    }
+
+    @Override
+    public Command[] children() {
+        return new Command[0];
+    }
+
+    @Override
+    public String execute(CommandExecutor executor, String[] args) {
+        AntiVPN.getInstance().getExecutor().getThreadExecutor().execute(() -> AntiVPN.getInstance().getDatabase().clearResponses());
+        return "&aCleared all cached API response information!";
+    }
+
+    @Override
+    public List<String> tabComplete(CommandExecutor executor, String alias, String[] args) {
+        return Collections.emptyList();
+    }
+}
@@ -0,0 +1,114 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.command.impl;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.api.APIPlayer;
+import dev.brighten.antivpn.command.Command;
+import dev.brighten.antivpn.command.CommandExecutor;
+import dev.brighten.antivpn.utils.StringUtil;
+
+import java.util.Collections;
+import java.util.List;
+import java.util.Optional;
+import java.util.stream.Collectors;
+
+public class LookupCommand extends Command {
+    @Override
+    public String permission() {
+        return "antivpn.command.lookup";
+    }
+
+    @Override
+    public String name() {
+        return "lookup";
+    }
+
+    @Override
+    public String[] aliases() {
+        return new String[] {"check"};
+    }
+
+    @Override
+    public String description() {
+        return "Lookup a player's ip info";
+    }
+
+    @Override
+    public String usage() {
+        return "<player>";
+    }
+
+    @Override
+    public String parent() {
+        return "antivpn";
+    }
+
+    @Override
+    public Command[] children() {
+        return new Command[0];
+    }
+
+    @Override
+    public String execute(CommandExecutor executor, String[] args) {
+        if(args.length == 0) {
+            return "&cPlease supply a player to check.";
+        }
+
+        Optional<APIPlayer> player = AntiVPN.getInstance().getPlayerExecutor().getPlayer(args[0]);
+
+        if(player.isEmpty()) {
+            return String.format("&cNo player found with the name \"%s\"", args[0]);
+        }
+
+        AntiVPN.getInstance().getExecutor()
+                .checkIp(player.get().getIp().getHostAddress())
+                .thenAccept(result -> {
+                    if(!result.isSuccess()) {
+                        executor.sendMessage("&cThere was an error trying to find the " +
+                                "information of this player.");
+                        return;
+                    }
+
+                    executor.sendMessage(StringUtil.line("&8"));
+                    executor.sendMessage("&6&l" + player.get().getName() + "&7&l's Connection Information");
+                    executor.sendMessage("");
+                    executor.sendMessage("&e%s&8: &f%s", "Proxy", result.isProxy()
+                            ? "&a" + result.getMethod() : "&cNo");
+                    executor.sendMessage("&e%s&8: &f%s", "ISP", result.getIsp());
+                    executor.sendMessage("&e%s&8: &f%s", "Country", result.getCountryName());
+                    executor.sendMessage("&e%s&8: &f%s", "City", result.getCity());
+                    executor.sendMessage("&e%s&8: &f%s", "Coordinates", result.getLatitude()
+                            + "&7/&f" + result.getLongitude());
+                    executor.sendMessage(StringUtil.line("&8"));
+                });
+
+
+        return "&7Looking up the IP information for player " + player.get().getName() + "...";
+    }
+
+    @Override
+    public List<String> tabComplete(CommandExecutor executor, String alias, String[] args) {
+
+        if(args.length == 1) return AntiVPN.getInstance().getPlayerExecutor().getOnlinePlayers().stream()
+                .map(APIPlayer::getName)
+                .filter(name -> name.toLowerCase().startsWith(args[0].toLowerCase()))
+                .collect(Collectors.toList());
+
+        return Collections.emptyList();
+    }
+}
@@ -0,0 +1,117 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.command.impl;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.api.VPNExecutor;
+import dev.brighten.antivpn.command.Command;
+import dev.brighten.antivpn.command.CommandExecutor;
+import dev.brighten.antivpn.utils.StringUtil;
+import dev.brighten.antivpn.utils.json.JSONException;
+import dev.brighten.antivpn.web.FunkemunkyAPI;
+import dev.brighten.antivpn.web.objects.QueryResponse;
+
+import java.io.IOException;
+import java.util.Collections;
+import java.util.List;
+
+public class PlanCommand extends Command {
+    @Override
+    public String permission() {
+        return "antivpn.command.plan";
+    }
+
+    @Override
+    public String name() {
+        return "plan";
+    }
+
+    @Override
+    public String[] aliases() {
+        return new String[] {"queries", "query"};
+    }
+
+    @Override
+    public String description() {
+        return "Info related to KauriVPN Plan";
+    }
+
+    @Override
+    public String usage() {
+        return "";
+    }
+
+    @Override
+    public String parent() {
+        return "antivpn";
+    }
+
+    @Override
+    public Command[] children() {
+        return new Command[0];
+    }
+
+    @Override
+    public String execute(CommandExecutor executor, String[] args) {
+        AntiVPN.getInstance().getExecutor().getThreadExecutor().execute(() -> {
+            QueryResponse result;
+            try {
+                if(AntiVPN.getInstance().getVpnConfig().getLicense().isEmpty()) {
+                    result = FunkemunkyAPI.getQueryResponse();
+                } else {
+                    result = FunkemunkyAPI.getQueryResponse(AntiVPN.getInstance().getVpnConfig().getLicense());
+
+                    if(!result.isValidPlan()) {
+                        executor.sendMessage("&cThe license &f%s &cis not a valid license, " +
+                                        "checking your Free plan information...",
+                                AntiVPN.getInstance().getVpnConfig().getLicense());
+
+                        result = FunkemunkyAPI.getQueryResponse();
+                    }
+                }
+
+                String plan = result.getPlanType();
+                if(plan.equals("IP")) plan+= " (Free)";
+
+                String queryMax = result.getQueriesMax() == Long.MAX_VALUE
+                        ? "Unlimited" : String.valueOf(result.getQueriesMax());
+
+                executor.sendMessage(StringUtil.line("&8"));
+                executor.sendMessage("&6&lKauriVPN Plan Information");
+                executor.sendMessage("");
+                executor.sendMessage("&e%s&8: &f%s", "Plan", plan);
+                executor.sendMessage("&e%s&8: &f%s&7/&f%s", "Queries Used",
+                        result.getQueries(), queryMax);
+                executor.sendMessage(StringUtil.line("&8"));
+            } catch(JSONException e) {
+                AntiVPN.getInstance().getExecutor().logException(e);
+                executor.sendMessage("&cThere was a JSONException thrown while looking up your query " +
+                        "information. Check console for more details.");
+            } catch (IOException e) {
+                AntiVPN.getInstance().getExecutor().logException(e);
+                executor.sendMessage("&cThere was a IOException thrown while looking up your query " +
+                        "information. Check console for more details.");
+            }
+        });
+        return "&7Looking up your query information...";
+    }
+
+    @Override
+    public List<String> tabComplete(CommandExecutor executor, String alias, String[] args) {
+        return Collections.emptyList();
+    }
+}
@@ -0,0 +1,81 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.command.impl;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.command.Command;
+import dev.brighten.antivpn.command.CommandExecutor;
+
+import java.util.Collections;
+import java.util.List;
+
+public class ReloadCommand extends Command {
+    @Override
+    public String permission() {
+        return "antivpn.command.reload";
+    }
+
+    @Override
+    public String name() {
+        return "reload";
+    }
+
+    @Override
+    public String[] aliases() {
+        return new String[0];
+    }
+
+    @Override
+    public String description() {
+        return "Reload the plugin";
+    }
+
+    @Override
+    public String usage() {
+        return "";
+    }
+
+    @Override
+    public String parent() {
+        return "antivpn";
+    }
+
+    @Override
+    public Command[] children() {
+        return new Command[0];
+    }
+
+    @Override
+    public String execute(CommandExecutor executor, String[] args) {
+        // Loading changes from the config.yml
+        AntiVPN.getInstance().reloadConfig();
+
+        // Updating the cache of these values in VPNConfig
+        AntiVPN.getInstance().getVpnConfig().update();
+
+        AntiVPN.getInstance().getMessageHandler().reloadStrings();
+
+        AntiVPN.getInstance().reloadDatabase();
+
+        return AntiVPN.getInstance().getMessageHandler().getString("command-reload-complete").getMessage();
+    }
+
+    @Override
+    public List<String> tabComplete(CommandExecutor executor, String alias, String[] args) {
+        return Collections.emptyList();
+    }
+}
@@ -0,0 +1,23 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database;
+
+public class DatabaseException extends RuntimeException {
+    public DatabaseException(String message, Throwable e) {
+        super(message, e);
+    }
+}
@@ -0,0 +1,61 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database;
+
+import dev.brighten.antivpn.utils.CIDRUtils;
+import dev.brighten.antivpn.web.objects.VPNResponse;
+
+import java.util.List;
+import java.util.Optional;
+import java.util.UUID;
+import java.util.function.Consumer;
+
+public interface VPNDatabase {
+    Optional<VPNResponse> getStoredResponse(String ip);
+
+    void cacheResponse(VPNResponse toCache);
+
+    void deleteResponse(String ip);
+
+    boolean isWhitelisted(UUID uuid);
+
+    boolean isWhitelisted(String cidr);
+
+    boolean isWhitelisted(CIDRUtils cidr);
+
+    void addWhitelist(UUID uuid);
+
+    void removeWhitelist(UUID uuid);
+
+    void addWhitelist(CIDRUtils cidr);
+
+    void removeWhitelist(CIDRUtils cidr);
+
+    List<UUID> getAllWhitelisted();
+
+    List<CIDRUtils> getAllWhitelistedIps();
+
+    void alertsState(UUID uuid, Consumer<Boolean> result);
+
+    void updateAlertsState(UUID uuid, boolean state);
+
+    void clearResponses();
+
+    void init();
+
+    void shutdown();
+}
@@ -0,0 +1,380 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.local;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.database.VPNDatabase;
+import dev.brighten.antivpn.database.sql.utils.ExecutableStatement;
+import dev.brighten.antivpn.database.sql.utils.MySQL;
+import dev.brighten.antivpn.database.sql.utils.Query;
+import dev.brighten.antivpn.database.version.Version;
+import dev.brighten.antivpn.utils.CIDRUtils;
+import dev.brighten.antivpn.web.objects.VPNResponse;
+import lombok.SneakyThrows;
+
+import java.io.File;
+import java.math.BigInteger;
+import java.net.UnknownHostException;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.sql.Timestamp;
+import java.util.*;
+import java.util.concurrent.TimeUnit;
+import java.util.function.Consumer;
+
+public class H2VPN implements VPNDatabase {
+
+
+    public H2VPN() {
+        AntiVPN.getInstance().getExecutor().getThreadExecutor().scheduleAtFixedRate(() -> {
+            if(!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled() || MySQL.isClosed()) return;
+
+            //Refreshing whitelisted players
+            AntiVPN.getInstance().getExecutor().getWhitelisted().clear();
+            AntiVPN.getInstance().getExecutor().getWhitelisted()
+                    .addAll(AntiVPN.getInstance().getDatabase().getAllWhitelisted());
+
+            //Refreshing whitlisted IPs
+            AntiVPN.getInstance().getExecutor().getWhitelistedIps().clear();
+            AntiVPN.getInstance().getExecutor().getWhitelistedIps()
+                    .addAll(AntiVPN.getInstance().getDatabase().getAllWhitelistedIps());
+        }, 2, 30, TimeUnit.SECONDS);
+    }
+
+    @Override
+    public Optional<VPNResponse> getStoredResponse(String ip) {
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled()|| MySQL.isClosed())
+            return Optional.empty();
+
+        try(ExecutableStatement statement = Query.prepare("select * from `responses` where `ip` = ? limit 1").append(ip)) {
+            try(ResultSet rs = statement.executeQuery()) {
+                if (rs != null && rs.next()) {
+                    return Optional.of(new VPNResponse(rs.getString("asn"), rs.getString("ip"),
+                            rs.getString("countryName"), rs.getString("countryCode"),
+                            rs.getString("city"), rs.getString("timeZone"),
+                            rs.getString("method"), rs.getString("isp"), "N/A",
+                            rs.getBoolean("proxy"), rs.getBoolean("cached"), true,
+                            rs.getDouble("latitude"), rs.getDouble("longitude"),
+                            rs.getTimestamp("inserted").getTime(), -1));
+                }
+            }
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("There was a problem getting a response for "
+                    + ip, e);
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+        return Optional.empty();
+    }
+
+    /*
+     * Query.
+     * prepare("create table if not exists `responses` (`ip` varchar(45) not null, "
+     * +
+     * "`countryName` varchar(64), `countryCode` varchar(10), `city` varchar(64), `timeZone` varchar(64), "
+     * +
+     * "`method` varchar(32), `isp` varchar(32), `proxy` boolean, `cached` boolean "
+     * + "`latitude` double, `longitude` double)");
+     */
+    @Override
+    public void cacheResponse(VPNResponse toCache) {
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled() || MySQL.isClosed())
+            return;
+
+        try(var statement = Query.prepare("insert into `responses` (`ip`,`asn`,`countryName`,`countryCode`,`city`,`timeZone`,"
+                        + "`method`,`isp`,`proxy`,`cached`,`inserted`,`latitude`,`longitude`) values (?,?,?,?,?,?,?,?,?,?,?,?,?)")
+                .append(toCache.getIp()).append(toCache.getAsn()).append(toCache.getCountryName())
+                .append(toCache.getCountryCode()).append(toCache.getCity()).append(toCache.getTimeZone())
+                .append(toCache.getMethod()).append(toCache.getIsp()).append(toCache.isProxy())
+                .append(toCache.isCached()).append(new Timestamp(System.currentTimeMillis()))
+                .append(toCache.getLatitude()).append(toCache.getLongitude())) {
+            statement.execute();
+        } catch(SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not cache response for IP: " + toCache.getIp(), e);
+        }
+    }
+
+    @Override
+    public void deleteResponse(String ip) {
+        if(!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled() || MySQL.isClosed())
+            return;
+
+        try(var statement = Query.prepare("delete from `responses` where `ip` = ?").append(ip)) {
+            statement.execute();
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not delete response from IP: " + ip, e);
+        }
+    }
+
+    @Override
+    public boolean isWhitelisted(UUID uuid) {
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled() || MySQL.isClosed())
+            return false;
+
+        try(var statement = Query.prepare("select uuid from `whitelisted` where `uuid` = ? limit 1")
+                .append(uuid.toString())) {
+            try(var set = statement.executeQuery()) {
+                return set != null && set.next() && set.getString("uuid") != null;
+            }
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not check whitelist for uuid '" + uuid + "' due to SQL error.", e);
+            return false;
+        }
+    }
+
+    @SneakyThrows
+    @Override
+    public boolean isWhitelisted(String cidr) {
+        return isWhitelisted(new CIDRUtils(cidr));
+    }
+
+    @Override
+    public boolean isWhitelisted(CIDRUtils cidr) {
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled() || MySQL.isClosed())
+            return false;
+
+        BigInteger start = cidr.getStartIpInt();
+        BigInteger end = cidr.getEndIpInt();
+
+        try(var statement = Query.prepare("SELECT * FROM `whitelisted-ranges` WHERE ip_start <= ? AND ip_end >= ?")
+                .append(start).append(end)) {
+
+            try(var result = statement.executeQuery()) {
+                return result.next();
+            }
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not check whitelist for cidr '" + cidr + "' due to SQL error.", e);
+        }
+        return false;
+    }
+
+    @Override
+    public void addWhitelist(UUID uuid) {
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled() || MySQL.isClosed())
+            return;
+
+        try(var statement = Query.prepare("insert into `whitelisted` (`uuid`) values (?)").append(uuid.toString())) {
+            statement.execute();
+            AntiVPN.getInstance().getExecutor().getWhitelisted().add(uuid);
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not add uuid '" + uuid + "' to whitelist due to SQL error.", e);
+        }
+    }
+
+    @Override
+    public void removeWhitelist(UUID uuid) {
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled() || MySQL.isClosed())
+            return;
+        try(var statement = Query.prepare("delete from `whitelisted` where `uuid` = ?").append(uuid.toString())) {
+            statement.execute();
+            AntiVPN.getInstance().getExecutor().getWhitelisted().remove(uuid);
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not remove uuid '" + uuid + "' from whitelist due to SQL error.", e);
+        }
+    }
+
+    @Override
+    public void addWhitelist(CIDRUtils cidr) {
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled() || MySQL.isClosed())
+            return;
+
+        try(var statement = Query.prepare("insert into `whitelisted-ranges` (`cidr_string`, `ip_start`, `ip_end`) values (?, ?, ?)")
+                .append(cidr.getCidr()).append(cidr.getStartIpInt()).append(cidr.getEndIpInt())) {
+            statement.execute();
+
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not add cidr '" + cidr + "' to whitelist due to SQL error.", e);
+        }
+    }
+
+    @Override
+    public void removeWhitelist(CIDRUtils cidr) {
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled() || MySQL.isClosed())
+            return;
+
+        try(var statement = Query.prepare("delete from `whitelisted-ranges` where `cidr_string` = ?").append(cidr.getCidr())) {
+            statement.execute();
+
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not remove cidr '" + cidr + "' from whitelist due to SQL error.", e);
+        }
+    }
+
+    @Override
+    public List<UUID> getAllWhitelisted() {
+        List<UUID> uuids = new ArrayList<>();
+
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled() || MySQL.isClosed())
+            return uuids;
+
+        try(var statement = Query.prepare("select uuid from `whitelisted`")) {
+            statement.execute(set -> uuids.add(UUID.fromString(set.getString("uuid"))));
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not get all whitelisted players due to SQL error.", e);
+        }
+
+        return uuids;
+    }
+
+    @Override
+    public List<CIDRUtils> getAllWhitelistedIps() {
+        List<CIDRUtils> ips = new ArrayList<>();
+
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled() || MySQL.isClosed())
+            return ips;
+        try(var statement = Query.prepare("select `cidr_string`, `ip_start`, `ip_end` from `whitelisted-ranges`")) {
+            statement.execute(set -> {
+                        try {
+                            String cidrString = set.getString("cidr_string");
+
+                            ips.add(new CIDRUtils(cidrString));
+
+                        } catch (UnknownHostException e) {
+                            AntiVPN.getInstance().getExecutor()
+                                    .logException("Could not format ip "
+                                            + set.getString("cidr_string") + " into a CIDR!", e);
+                        }
+                    });
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not get all whitelisted ips due to SQL error.", e);
+        }
+
+        return ips;
+    }
+
+    @Override
+    public void alertsState(UUID uuid, Consumer<Boolean> result) {
+        if(MySQL.isClosed()) return;
+        AntiVPN.getInstance().getExecutor().getThreadExecutor().execute(() -> {
+
+            try(var statement = Query.prepare("select * from `alerts` where `uuid` = ? limit 1")
+                    .append(uuid.toString())) {
+                try(var set = statement.executeQuery()) {
+                    result.accept(set != null && set.next() && set.getString("uuid") != null);
+                }
+            } catch (SQLException e) {
+                AntiVPN.getInstance().getExecutor().logException("There was a problem getting alerts state for " + uuid, e);
+                result.accept(false);
+            }
+        });
+    }
+
+    @Override
+    public void updateAlertsState(UUID uuid, boolean enabled) {
+        if(MySQL.isClosed()) return;
+
+        if(enabled) {
+            //We want to make sure there isn't already a uuid inserted to prevent double insertions
+            alertsState(uuid, alreadyEnabled -> { //No need to make another thread execute, already async
+                if(!alreadyEnabled) {
+                    try(var statement = Query.prepare("insert into `alerts` (`uuid`) values (?)")
+                            .append(uuid.toString())) {
+                        statement.execute();
+                    } catch (SQLException e) {
+                        AntiVPN.getInstance().getExecutor()
+                                .logException("There was a problem updating alerts state for " + uuid, e);
+                    }
+                } //No need to insert again of already enabled
+            });
+            //Removing any uuid from the alerts table will disable alerts globally.
+        } else {
+            try(var statement = Query.prepare("delete from `alerts` where `uuid` = ?").append(uuid.toString())) {
+                        statement.execute();
+            } catch (SQLException e) {
+                AntiVPN.getInstance().getExecutor().logException("There was a problem updating alerts state for "
+                        + uuid, e);
+            }
+        }
+    }
+
+    @Override
+    public void clearResponses() {
+        if(MySQL.isClosed()) return;
+
+        try(var statement = Query.prepare("delete from `responses`")) {
+            statement.execute();
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("There was a problem clearing responses.", e);
+        }
+    }
+
+    @Override
+    public void init() {
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled())
+            return;
+        AntiVPN.getInstance().getExecutor().log("Initializing H2...");
+        MySQL.initH2();
+        try {
+            for (Version<H2VPN> version : Version.h2Versions) {
+                if(version.needsUpdate(this)) {
+                    version.update(this);
+                }
+            }
+        } catch (Exception e) {
+            throw new RuntimeException("Could not complete version setup due to SQL error", e);
+        }
+
+        AntiVPN.getInstance().getExecutor().log("Creating tables...");
+
+        //Running check for old table types to update
+    }
+
+    @Override
+    public void shutdown() {
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled())
+            return;
+
+        MySQL.shutdown();
+    }
+
+    public void backupDatabase() {
+        File dataFolder = new File(AntiVPN.getInstance().getPluginFolder(), "databases");
+
+        if(!dataFolder.exists() || MySQL.isClosed()) {
+            return;
+        }
+
+        try {
+            var connection = Query.getConn();
+            if (connection == null || connection.getMetaData() == null
+                    || !connection.getMetaData().getDatabaseProductName().equalsIgnoreCase("H2")) {
+                return;
+            }
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not verify database type before H2 backup.", e);
+            return;
+        }
+
+        File backupDir = new File(dataFolder, "backups");
+        if (!backupDir.exists() && !backupDir.mkdirs()) {
+            AntiVPN.getInstance().getExecutor().log("Could not create backup directory");
+            return;
+        }
+
+        File backupFile = new File(backupDir, "database.h2_backup_" + System.currentTimeMillis() + ".zip");
+        String backupPath = backupFile.getAbsolutePath()
+                .replace("\\", "/")
+                .replace("'", "''");
+
+        try (var statement = Query.prepare("BACKUP TO '" + backupPath + "'")) {
+            statement.execute();
+            AntiVPN.getInstance().getExecutor().log("Created H2 backup at " + backupFile.getName());
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not create H2 backup before migration.", e);
+        }
+    }
+}
@@ -0,0 +1,130 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.local.version;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.database.DatabaseException;
+import dev.brighten.antivpn.database.VPNDatabase;
+import dev.brighten.antivpn.database.sql.utils.ExecutableStatement;
+import dev.brighten.antivpn.database.sql.utils.Query;
+import dev.brighten.antivpn.database.version.Version;
+import dev.brighten.antivpn.utils.MiscUtils;
+
+import java.sql.DatabaseMetaData;
+import java.sql.ResultSet;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
+
+public class First implements Version<VPNDatabase> {
+
+    private final List<AutoCloseable> toClose = new ArrayList<>();
+    @Override
+    public void update(VPNDatabase database) throws DatabaseException {
+        try {
+            closeOnEnd(Query.prepare("create table if not exists `whitelisted` (`uuid` varchar(36) not null)"))
+                    .execute();
+            closeOnEnd(Query.prepare("create table if not exists `whitelisted-ips` (`ip` varchar(45) not null)"))
+                    .execute();
+            closeOnEnd(Query
+                    .prepare("create table if not exists `responses` (`ip` varchar(45) not null, `asn` varchar(12),"
+                    + "`countryName` text, `countryCode` varchar(10), `city` text, `timeZone` varchar(64), "
+                    + "`method` varchar(32), `isp` text, `proxy` boolean, `cached` boolean, `inserted` timestamp,"
+                    + "`latitude` double, `longitude` double)")).execute();
+            closeOnEnd(Query.prepare("create table if not exists `alerts` (`uuid` varchar(36) not null)"))
+                    .execute();
+            closeOnEnd(Query.prepare("create table if not exists `database_version` (`version` int)")).execute();
+            closeOnEnd(Query.prepare("insert into `database_version` (`version`) values (?)")
+                    .append(versionNumber())).execute();
+
+            AntiVPN.getInstance().getExecutor().log("Creating indexes...");
+            createIndexIfAbsent("whitelisted", "whitelisted_uuid_1", "`uuid`");
+            createIndexIfAbsent("responses", "responses_ip_1", "`ip`");
+            createIndexIfAbsent("responses", "responses_proxy_1", "`proxy`");
+            createIndexIfAbsent("responses", "responses_inserted_1", "`inserted`");
+            createIndexIfAbsent("whitelisted-ips", "whitelisted_ips_ip_1", "`ip`");
+        } catch (SQLException e) {
+            throw new DatabaseException("Failed to update database", e);
+        } finally {
+            MiscUtils.close(toClose.toArray(AutoCloseable[]::new));
+            toClose.clear();
+        }
+    }
+
+    private ExecutableStatement closeOnEnd(ExecutableStatement statement) {
+        toClose.add(statement);
+        return statement;
+    }
+
+    protected void createIndexIfAbsent(String tableName, String indexName, String columnList) throws SQLException {
+        if (hasIndex(tableName, indexName)) {
+            return;
+        }
+
+        closeOnEnd(Query.prepare(String.format(
+                "create index `%s` on `%s` (%s)",
+                indexName,
+                tableName,
+                columnList
+        ))).execute();
+    }
+
+    protected void dropIndexIfPresent(String tableName, String indexName) throws SQLException {
+        if (!hasIndex(tableName, indexName)) {
+            return;
+        }
+
+        closeOnEnd(Query.prepare(String.format(
+                "drop index `%s` on `%s`",
+                indexName,
+                tableName
+        ))).execute();
+    }
+
+    protected boolean hasIndex(String tableName, String indexName) throws SQLException {
+        DatabaseMetaData metaData = Query.getConn().getMetaData();
+
+        try (ResultSet indexes = metaData.getIndexInfo(null, null, tableName, false, false)) {
+            while (indexes.next()) {
+                String existingIndexName = indexes.getString("INDEX_NAME");
+
+                if (existingIndexName != null && existingIndexName.equalsIgnoreCase(indexName)) {
+                    return true;
+                }
+            }
+        }
+
+        return false;
+    }
+
+    @Override
+    public int versionNumber() {
+        return 0;
+    }
+
+    @Override
+    public boolean needsUpdate(VPNDatabase database) {
+        try(var statement = Query.prepare("select * from `database_version` where version = 0")) {
+            try(ResultSet set =  statement.executeQuery()) {
+                return !set.next();
+            }
+        } catch (SQLException e) {
+            return true;
+        }
+
+    }
+}
@@ -0,0 +1,158 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.local.version;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.database.DatabaseException;
+import dev.brighten.antivpn.database.VPNDatabase;
+import dev.brighten.antivpn.database.local.H2VPN;
+import dev.brighten.antivpn.database.sql.MySqlVPN;
+import dev.brighten.antivpn.database.sql.utils.ExecutableStatement;
+import dev.brighten.antivpn.database.sql.utils.Query;
+import dev.brighten.antivpn.database.version.Version;
+import dev.brighten.antivpn.utils.CIDRUtils;
+import dev.brighten.antivpn.utils.MiscUtils;
+
+import java.net.UnknownHostException;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
+
+public class Second extends First implements Version<VPNDatabase> {
+    private final List<AutoCloseable> toClose = new ArrayList<>();
+
+    @Override
+    public void update(VPNDatabase database) throws DatabaseException {
+        if(database instanceof H2VPN h2VPN && !(database instanceof MySqlVPN)) {
+            h2VPN.backupDatabase();
+        }
+        List<String> whitelistedIps = new ArrayList<>();
+
+        try (var statement = Query.prepare("SELECT * FROM `whitelisted-ips`")) {
+            try(var set = statement.executeQuery()) {
+                while (set.next()) {
+                    whitelistedIps.add(set.getString("ip"));
+                }
+            }
+        } catch (SQLException e) {
+            throw new DatabaseException("Could not get whitelisted ips from database!", e);
+        }
+
+        try {
+            closeOnEnd(Query.prepare("CREATE TABLE IF NOT EXISTS `whitelisted-ranges` " +
+                    "(id INT AUTO_INCREMENT PRIMARY KEY, " +
+                    "cidr_string VARCHAR(45), " +
+                    "ip_start BIGINT NOT NULL, " +
+                    "ip_end BIGINT NOT NULL)"))
+                    .execute();
+            createIndexIfAbsent("whitelisted-ranges", "idx_ip_range", "ip_start, ip_end");
+
+            var cidrs = whitelistedIps.stream().map(ip -> {
+                try {
+                    return new CIDRUtils(ip + "/32");
+                } catch (UnknownHostException e) {
+                    throw new RuntimeException("Could not format ip " + ip + " into a CIDR!", e);
+                }
+            }).toList();
+            var insertStatement = Query.prepare("INSERT INTO `whitelisted-ranges` (`cidr_string`, `ip_start`, `ip_end`) VALUES (?, ?, ?)");
+            for (CIDRUtils cidr : cidrs) {
+                insertStatement = insertStatement
+                        .append(cidr.toString())
+                        .append(cidr.getStartIpInt())
+                        .append(cidr.getEndIpInt())
+                        .addBatch();
+            }
+
+            int[] updateCounts = insertStatement.executeBatch();
+
+            for (int updateCount : updateCounts) {
+                if(updateCount == 0) {
+                    throw new RuntimeException("Could not insert a CIDR from previous whitelisted lists, attempted to restore previous database!");
+                }
+            }
+
+            dropIndexIfPresent("whitelisted-ips", "ip_1");
+            dropIndexIfPresent("whitelisted-ips", "whitelisted_ips_ip_1");
+            closeOnEnd(Query.prepare("DROP TABLE `whitelisted-ips`")).execute();
+            closeOnEnd(Query.prepare("INSERT INTO `database_version` (`version`) VALUES (?)").append(versionNumber())).execute();
+        } catch (Throwable e) {
+            AntiVPN.getInstance().getExecutor().log("Failed to update database to version 1: " + e.getMessage());
+            try {
+                rollback(whitelistedIps);
+            } catch (SQLException ex) {
+                throw new DatabaseException("Failed to rollback database!", e);
+            }
+            throw new DatabaseException("Failed to update to version one, rolling back database!", e);
+        } finally {
+            MiscUtils.close(toClose.toArray(AutoCloseable[]::new));
+            toClose.clear();
+        }
+
+    }
+
+    private ExecutableStatement closeOnEnd(ExecutableStatement statement) {
+        toClose.add(statement);
+        return statement;
+    }
+
+    private void rollback(List<String> ipAddresses) throws SQLException {
+        AntiVPN.getInstance().getExecutor().log("Rolling back to version 0...");
+        dropIndexIfPresent("whitelisted-ranges", "idx_ip_range");
+        try(var statement = Query.prepare("DROP TABLE `whitelisted-ranges`")) {
+            statement.execute();
+        }
+
+        try(var statement = Query.prepare("DELETE FROM `database_version` WHERE version = ?").append(versionNumber())) {
+            statement.execute();
+        }
+
+        try(var statement = Query.prepare("CREATE TABLE IF NOT EXISTS `whitelisted-ips` (`ip` VARCHAR(45) NOT NULL)")) {
+            statement.execute();
+        }
+
+        createIndexIfAbsent("whitelisted-ips", "whitelisted_ips_ip_1", "`ip`");
+
+        try(var statement = Query.prepare("DELETE FROM `whitelisted-ips`")) {
+            statement.execute();
+        }
+
+        try(var statement = Query.prepare("INSERT INTO `whitelisted-ips` (`ip`) VALUES (?)")) {
+            for (String ip : ipAddresses) {
+                statement.append(ip);
+                statement.addBatch();
+            }
+
+            statement.executeBatch();
+        }
+    }
+
+    @Override
+    public int versionNumber() {
+        return 1;
+    }
+
+    @Override
+    public boolean needsUpdate(VPNDatabase database) {
+        try (var statement = Query.prepare("select * from `database_version` where version = 1")) {
+           try(var set = statement.executeQuery()) {
+               return !set.next();
+           }
+        } catch (SQLException e) {
+            return true;
+        }
+    }
+}
@@ -0,0 +1,115 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.local.version;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.database.DatabaseException;
+import dev.brighten.antivpn.database.VPNDatabase;
+import dev.brighten.antivpn.database.sql.utils.Query;
+import dev.brighten.antivpn.database.version.Version;
+import dev.brighten.antivpn.utils.CIDRUtils;
+import dev.brighten.antivpn.utils.MiscUtils;
+
+import java.math.BigInteger;
+import java.net.UnknownHostException;
+import java.sql.SQLException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.logging.Level;
+
+public class Third implements Version<VPNDatabase> {
+    @Override
+    public void update(VPNDatabase database) throws DatabaseException {
+        List<CIDRUtils> ipRanges = new ArrayList<>();
+        List<CIDRUtils> rangesToInsert = new ArrayList<>();
+        List<BigInteger[]> rangesToRemove = new ArrayList<>(); 
+        try (var preparedQuery = Query.prepare("select ip_start, ip_end from `whitelisted-ranges`")) {
+            preparedQuery.execute(set -> {
+                BigInteger start = set.getBigDecimal("ip_start").toBigInteger();
+                BigInteger end = set.getBigDecimal("ip_end").toBigInteger();
+
+                try {
+                    var range = MiscUtils.rangeToCidrs(start, end);
+
+                    if(range.size() > 1) {
+                        rangesToRemove.add(new BigInteger[]{start, end});
+                        rangesToInsert.addAll(range);
+                        AntiVPN.getInstance().getExecutor().log(Level.WARNING, "Found multiple CIDR ranges for whitelist range for %s, %s!", start, end);
+                    } else ipRanges.addAll(range);
+                } catch (UnknownHostException e) {
+                    AntiVPN.getInstance().getExecutor().logException(
+                            String.format("Could not convert ip range to CIDR! %s, %s", start, end), e);
+                }
+            });
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not get all whitelisted ranges due to SQL error.", e);
+        }
+
+        AntiVPN.getInstance().getExecutor().log("Inserting %s new ranges into database...", rangesToInsert.size());
+
+        for (CIDRUtils cidr : rangesToInsert) {
+            try(var statement = Query.prepare("insert into `whitelisted-ranges` (`cidr_string`, `ip_start`, `ip_end`) values (?, ?, ?)")
+                    .append(cidr.getCidr()).append(cidr.getStartIpInt()).append(cidr.getEndIpInt())) {
+                statement.execute();
+            } catch (SQLException e) {
+                AntiVPN.getInstance().getExecutor().logException("Could not add cidr '" + cidr + "' to whitelist due to SQL error.", e);
+            }
+        }
+
+        AntiVPN.getInstance().getExecutor().log("Removing %s old ranges from database...", rangesToRemove.size());
+
+        for (BigInteger[] range : rangesToRemove) {
+            try(var statement = Query.prepare("delete from `whitelisted-ranges` where `ip_start` = ? and `ip_end` = ?")) {
+                statement.append(range[0]).append(range[1]).execute();
+            } catch (SQLException e) {
+                AntiVPN.getInstance().getExecutor().logException("Could not remove cidr range '" + range[0] + ", " + range[1] + "' from whitelist due to SQL error.", e);
+            }
+        }
+
+        AntiVPN.getInstance().getExecutor().log("Updating %s ranges to proper CIDR notation with the database", ipRanges.size());
+
+        for (CIDRUtils cidr : ipRanges) {
+            try(var statement = Query.prepare("update `whitelisted-ranges` set `cidr_string` = ? where `ip_start` = ? and `ip_end` = ?")) {
+                statement.append(cidr.getCidr()).append(cidr.getStartIpInt()).append(cidr.getEndIpInt()).execute();
+            } catch (SQLException e) {
+                AntiVPN.getInstance().getExecutor().logException("Could not update cidr '" + cidr + "' to proper CIDR notation in whitelist due to SQL error.", e);
+            }
+        }
+
+        try (var preparedStatement = Query.prepare("INSERT INTO `database_version` (`version`) VALUES (?)").append(versionNumber())) {
+            preparedStatement.execute();
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException("Could not update database version to 2 due to SQL error.", e);
+        }
+    }
+
+    @Override
+    public int versionNumber() {
+        return 2;
+    }
+
+    @Override
+    public boolean needsUpdate(VPNDatabase database) {
+        try (var statement = Query.prepare("select * from `database_version` where version = 2")) {
+            try(var set = statement.executeQuery()) {
+                return !set.next();
+            }
+        } catch (SQLException e) {
+            return true;
+        }
+    }
+}
@@ -0,0 +1,280 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.mongo;
+
+import com.github.benmanes.caffeine.cache.Cache;
+import com.github.benmanes.caffeine.cache.Caffeine;
+import com.mongodb.*;
+import com.mongodb.client.MongoClient;
+import com.mongodb.client.MongoClients;
+import com.mongodb.client.MongoCollection;
+import com.mongodb.client.MongoDatabase;
+import com.mongodb.client.model.Filters;
+import com.mongodb.client.model.UpdateOptions;
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.database.VPNDatabase;
+import dev.brighten.antivpn.database.version.Version;
+import dev.brighten.antivpn.utils.CIDRUtils;
+import dev.brighten.antivpn.web.objects.VPNResponse;
+import org.bson.Document;
+import org.bson.conversions.Bson;
+import org.bson.types.Decimal128;
+
+import java.math.BigDecimal;
+import java.net.UnknownHostException;
+import java.util.*;
+import java.util.concurrent.TimeUnit;
+import java.util.function.Consumer;
+
+public class MongoVPN implements VPNDatabase {
+
+    public MongoCollection<Document> settingsDocument;
+    MongoCollection<Document> cacheDocument;
+    private MongoClient client;
+    public MongoDatabase antivpnDatabase;
+
+    public MongoVPN() {
+        AntiVPN.getInstance().getExecutor().getThreadExecutor().scheduleAtFixedRate(() -> {
+            if(!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled()) return;
+
+            //Refreshing whitelisted players
+            AntiVPN.getInstance().getExecutor().getWhitelisted().clear();
+            AntiVPN.getInstance().getExecutor().getWhitelisted()
+                    .addAll(AntiVPN.getInstance().getDatabase().getAllWhitelisted());
+
+            //Refreshing whitlisted IPs
+            AntiVPN.getInstance().getExecutor().getWhitelistedIps().clear();
+            AntiVPN.getInstance().getExecutor().getWhitelistedIps()
+                    .addAll(AntiVPN.getInstance().getDatabase().getAllWhitelistedIps());
+        }, 2, 30, TimeUnit.SECONDS);
+    }
+    @Override
+    public Optional<VPNResponse> getStoredResponse(String ip) {
+        Document rdoc = cacheDocument.find(Filters.eq("ip", ip)).first();
+
+        if(rdoc != null) {
+            long lastUpdate = rdoc.get("lastAccess", 0L);
+
+            if(System.currentTimeMillis() - lastUpdate > TimeUnit.HOURS.toMillis(1)) {
+                AntiVPN.getInstance().getExecutor().getThreadExecutor().execute(() -> deleteResponse(ip));
+                return null;
+            }
+
+            return Optional.of(VPNResponse.builder().asn(rdoc.getString("asn")).ip(ip)
+                    .countryName(rdoc.getString("countryName"))
+                    .countryCode(rdoc.getString("countryCode"))
+                    .city(rdoc.getString("city"))
+                    .isp(rdoc.getString("isp"))
+                    .method(rdoc.getString("method"))
+                    .timeZone(rdoc.getString("timeZone"))
+                    .proxy(rdoc.getBoolean("proxy"))
+                    .cached(rdoc.getBoolean("cached"))
+                    .success(true)
+                    .latitude(rdoc.getDouble("latitude"))
+                    .longitude(rdoc.getDouble("longitude"))
+                    .lastAccess(rdoc.get("lastAccess", 0L))
+                    .build());
+        }
+        return Optional.empty();
+    }
+
+    @Override
+    public void cacheResponse(VPNResponse toCache) {
+        if(AntiVPN.getInstance().getVpnConfig().cachedResults()) {
+            Document rdoc = new Document("ip", toCache.getIp());
+
+            rdoc.put("asn", toCache.getAsn());
+            rdoc.put("countryName", toCache.getCountryName());
+            rdoc.put("countryCode", toCache.getCountryCode());
+            rdoc.put("city", toCache.getCity());
+            rdoc.put("isp", toCache.getIsp());
+            rdoc.put("method", toCache.getMethod());
+            rdoc.put("timeZone", toCache.getTimeZone());
+            rdoc.put("proxy", toCache.isProxy());
+            rdoc.put("cached", toCache.isCached());
+            rdoc.put("success", toCache.isSuccess());
+            rdoc.put("latitude", toCache.getLatitude());
+            rdoc.put("longitude", toCache.getLongitude());
+            rdoc.put("lastAccess", System.currentTimeMillis());
+
+            AntiVPN.getInstance().getExecutor().getThreadExecutor().execute(() -> {
+                Bson update = new Document("$set", rdoc);
+                cacheDocument.updateOne(Filters.eq("ip", toCache.getIp()), update,
+                        new UpdateOptions().upsert(true));
+            });
+        }
+    }
+
+    @Override
+    public void deleteResponse(String ip) {
+        cacheDocument.deleteMany(Filters.eq("ip", ip));
+    }
+
+    @Override
+    public boolean isWhitelisted(UUID uuid) {
+        return settingsDocument
+                .find(Filters.and(Filters.eq("setting", "whitelist"),
+                        Filters.eq("uuid", uuid.toString()))).first() != null;
+    }
+
+    @Override
+    public boolean isWhitelisted(String cidr) {
+        try {
+            return isWhitelisted(new CIDRUtils(cidr));
+        } catch (UnknownHostException e) {
+            AntiVPN.getInstance().getExecutor().log("Failed to check whitelist for IP: " + cidr, e);
+            return false;
+        }
+    }
+
+    @Override
+    public boolean isWhitelisted(CIDRUtils cidr) {
+        var start =  new Decimal128(new BigDecimal(cidr.getStartIpInt()));
+        var end = new Decimal128(new BigDecimal(cidr.getEndIpInt()));
+        return settingsDocument.find(Filters.and(Filters.eq("setting", "whitelist"),
+                Filters.lte("ip_start", start), Filters.gte("ip_end", end))).first() != null;
+    }
+
+    @Override
+    public void addWhitelist(UUID uuid) {
+        Document wdoc = new Document("setting", "whitelist");
+        wdoc.put("uuid", uuid.toString());
+        AntiVPN.getInstance().getExecutor().getWhitelisted().add(uuid);
+        settingsDocument.insertOne(wdoc);
+    }
+
+    @Override
+    public void removeWhitelist(UUID uuid) {
+        AntiVPN.getInstance().getExecutor().getWhitelisted().remove(uuid);
+        settingsDocument.deleteMany(Filters
+                .and(
+                        Filters.eq("setting", "whitelist"),
+                        Filters.eq("uuid", uuid.toString())));
+    }
+
+    @Override
+    public void addWhitelist(CIDRUtils cidr) {
+        Document doc = new Document("setting", "whitelist");
+        doc.append("ip_start", new Decimal128(new BigDecimal(cidr.getStartIpInt())));
+        doc.append("ip_end", new Decimal128(new BigDecimal(cidr.getEndIpInt())));
+        doc.append("cidr_string", cidr.getCidr());
+
+        settingsDocument.insertOne(doc);
+    }
+
+    @Override
+    public void removeWhitelist(CIDRUtils cidr) {
+        settingsDocument.deleteMany(Filters
+                .and(
+                        Filters.eq("setting", "whitelist"),
+                        Filters.eq("ip_start", new Decimal128(new BigDecimal(cidr.getStartIpInt()))),
+                        Filters.eq("ip_end", new Decimal128(new BigDecimal(cidr.getEndIpInt())))));
+    }
+
+    @Override
+    public List<UUID> getAllWhitelisted() {
+        List<UUID> uuids = new ArrayList<>();
+        settingsDocument.find(Filters.and(Filters.eq("setting", "whitelist"),
+                Filters.exists("uuid")))
+                .forEach((Consumer<? super Document>) doc -> uuids.add(UUID.fromString(doc.getString("uuid"))));
+        return uuids;
+    }
+
+    @Override
+    public List<CIDRUtils> getAllWhitelistedIps() {
+        List<CIDRUtils> ips = new ArrayList<>();
+        settingsDocument.find(Filters.and(Filters.eq("setting", "whitelist"),
+                        Filters.exists("cidr_string"))).forEach((Consumer<? super Document>) doc -> {
+                    try {
+                        var cidr = new CIDRUtils(doc.getString("cidr_string"));
+                        ips.add(cidr);
+                    } catch (UnknownHostException e) {
+                        AntiVPN.getInstance().getExecutor().logException("Could not format ip " + doc.getString("cidr_string") + " into a CIDR!", e);
+                    }
+                });
+        return ips;
+    }
+
+    @Override
+    public void alertsState(UUID uuid, Consumer<Boolean> result) {
+        AntiVPN.getInstance().getExecutor().getThreadExecutor().execute(() -> result.accept(settingsDocument
+                .find(Filters.and(Filters.eq("setting", "alerts"),
+                Filters.eq("uuid", uuid.toString()))).first() != null));
+    }
+
+    @Override
+    public void updateAlertsState(UUID uuid, boolean state) {
+        AntiVPN.getInstance().getExecutor().getThreadExecutor().execute(() -> {
+            settingsDocument.deleteMany(Filters.and(Filters.eq("setting", "alerts"),
+                    Filters.eq("uuid", uuid.toString())));
+            if(state) {
+                Document adoc = new Document("setting", "alerts");
+
+                adoc.put("uuid", uuid.toString());
+                settingsDocument.insertOne(adoc);
+            }
+        });
+    }
+
+    @Override
+    public void clearResponses() {
+        cacheDocument.deleteMany(Filters.exists("ip"));
+    }
+
+    @Override
+    public void init() {
+        if(!AntiVPN.getInstance().getVpnConfig().mongoDatabaseURL().isEmpty()) { //URL
+            ConnectionString cs = new ConnectionString(AntiVPN.getInstance().getVpnConfig().mongoDatabaseURL());
+            MongoClientSettings settings = MongoClientSettings.builder().applyConnectionString(cs).build();
+            client = MongoClients.create(settings);
+        } else {
+            MongoClientSettings.Builder settingsBld = MongoClientSettings.builder().readPreference(ReadPreference.nearest())
+                    .applyToClusterSettings(builder -> builder.
+                            hosts(Collections.singletonList(
+                                    new ServerAddress(
+                                            AntiVPN.getInstance().getVpnConfig().getIp(),
+                                            AntiVPN.getInstance().getVpnConfig().getPort())
+                            )));
+            if(AntiVPN.getInstance().getVpnConfig().useDatabaseCreds()) {
+                settingsBld.credential(MongoCredential
+                        .createCredential(AntiVPN.getInstance().getVpnConfig().getUsername(),
+                                AntiVPN.getInstance().getVpnConfig().getDatabaseName(),
+                                AntiVPN.getInstance().getVpnConfig().getPassword().toCharArray()));
+            }
+
+            client = MongoClients.create(settingsBld.build());
+        }
+        antivpnDatabase = client.getDatabase(AntiVPN.getInstance().getVpnConfig().getDatabaseName());
+
+        settingsDocument = antivpnDatabase.getCollection("settings");
+
+        cacheDocument = antivpnDatabase.getCollection("cache");
+
+        for (Version<MongoVPN> mongoDbVersion : Version.mongoDbVersions) {
+            if(mongoDbVersion.needsUpdate(this)) {
+                mongoDbVersion.update(this);
+            }
+        }
+    }
+
+    @Override
+    public void shutdown() {
+        settingsDocument = null;
+        cacheDocument = null;
+        client.close();
+    }
+}
@@ -0,0 +1,52 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.mongo.version;
+
+import com.mongodb.client.model.Filters;
+import com.mongodb.client.model.Indexes;
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.database.DatabaseException;
+import dev.brighten.antivpn.database.mongo.MongoVPN;
+import dev.brighten.antivpn.database.version.Version;
+import org.bson.Document;
+
+public class MongoFirst implements Version<MongoVPN> {
+
+    @Override
+    public void update(MongoVPN database) throws DatabaseException {
+        if(database.settingsDocument.listIndexes().first() == null) {
+            AntiVPN.getInstance().getExecutor().log("Created index for settings collection!");
+            database.settingsDocument.createIndex(Indexes.ascending("ip"));
+            database.settingsDocument.createIndex(Indexes.ascending("setting"));
+        }
+        var versionCollect = database.antivpnDatabase.getCollection("version");
+
+        versionCollect.insertOne(new Document("version", versionNumber()));
+    }
+
+    @Override
+    public int versionNumber() {
+        return 0;
+    }
+
+    @Override
+    public boolean needsUpdate(MongoVPN database) {
+        var versionCollect = database.antivpnDatabase.getCollection("version");
+
+        return versionCollect.find(Filters.eq("version", versionNumber())).first() == null;
+    }
+}
@@ -0,0 +1,84 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.mongo.version;
+
+import com.mongodb.client.model.Filters;
+import com.mongodb.client.model.Indexes;
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.database.DatabaseException;
+import dev.brighten.antivpn.database.mongo.MongoVPN;
+import dev.brighten.antivpn.database.version.Version;
+import dev.brighten.antivpn.utils.CIDRUtils;
+import org.bson.Document;
+import org.bson.types.Decimal128;
+
+import java.math.BigDecimal;
+import java.net.UnknownHostException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.function.Consumer;
+
+public class MongoSecond implements Version<MongoVPN> {
+    @Override
+    public void update(MongoVPN database) throws DatabaseException {
+        List<Document> backup = new ArrayList<>();
+        database.settingsDocument.find(Filters.and(Filters.eq("setting", "whitelist"),
+                        Filters.exists("ip")))
+                .forEach((Consumer<? super Document>) doc -> {
+                    backup.add(new Document(doc));
+
+                    String ip = doc.getString("ip");
+
+                    try {
+                        var cidr = new CIDRUtils(ip + "/32");
+
+                        doc.append("ip_start", new Decimal128(new BigDecimal(cidr.getStartIpInt())));
+                        doc.append("ip_end", new Decimal128(new BigDecimal(cidr.getEndIpInt())));
+                        doc.append("cidr_string", cidr.toString());
+                        doc.remove("ip");
+
+                        database.settingsDocument.replaceOne(Filters.eq("_id", doc.getObjectId("_id")), doc);
+                    } catch (UnknownHostException e) {
+                        rollback(backup, database);
+                        throw new RuntimeException(e);
+                    }
+                });
+
+        database.settingsDocument.createIndex(Indexes.compoundIndex(Indexes.ascending("ip_start"), Indexes.ascending("ip_end")));
+        database.settingsDocument.createIndex(Indexes.ascending("cidr_string"));
+        var versionCollect = database.antivpnDatabase.getCollection("version");
+        versionCollect.insertOne(new Document("version", versionNumber()));
+    }
+
+    private void rollback(List<Document> toRollback, MongoVPN database) {
+        AntiVPN.getInstance().getExecutor().log("Rolling back to version 0...");
+        toRollback.forEach(doc -> database.settingsDocument.replaceOne(Filters.eq("_id", doc.getObjectId("_id")), doc));
+        toRollback.clear();
+    }
+
+    @Override
+    public int versionNumber() {
+        return 1;
+    }
+
+    @Override
+    public boolean needsUpdate(MongoVPN database) {
+        var versionCollect = database.antivpnDatabase.getCollection("version");
+
+        return versionCollect.find(Filters.eq("version", versionNumber())).first() == null;
+    }
+}
@@ -0,0 +1,108 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.mongo.version;
+
+import com.mongodb.client.model.Filters;
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.database.DatabaseException;
+import dev.brighten.antivpn.database.mongo.MongoVPN;
+import dev.brighten.antivpn.database.version.Version;
+import dev.brighten.antivpn.utils.CIDRUtils;
+import dev.brighten.antivpn.utils.MiscUtils;
+import org.bson.Document;
+import org.bson.types.Decimal128;
+
+import java.math.BigDecimal;
+import java.math.BigInteger;
+import java.net.UnknownHostException;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.function.Consumer;
+import java.util.logging.Level;
+
+public class MongoThird  implements Version<MongoVPN> {
+    @Override
+    public void update(MongoVPN database) throws DatabaseException {
+        List<CIDRUtils> ipRanges = new ArrayList<>();
+        List<CIDRUtils> rangesToInsert = new ArrayList<>();
+        List<BigInteger[]> rangesToRemove = new ArrayList<>();
+        database.settingsDocument.find(Filters.and(Filters.eq("setting", "whitelist"), Filters.exists("cidr_string")))
+                .forEach((Consumer<? super Document>) doc -> {
+                    BigInteger start = doc.get("ip_start", Decimal128.class).bigDecimalValue().toBigInteger();
+                    BigInteger end = doc.get("ip_end", Decimal128.class).bigDecimalValue().toBigInteger();
+
+                    try {
+                        var range = MiscUtils.rangeToCidrs(start, end);
+
+                        if(range.size() > 1) {
+                            rangesToRemove.add(new BigInteger[]{start, end});
+                            rangesToInsert.addAll(range);
+                            AntiVPN.getInstance().getExecutor().log(Level.WARNING, "Found multiple CIDR ranges for whitelist range for %s, %s!", start, end);
+                        } else ipRanges.addAll(range);
+                    } catch (UnknownHostException e) {
+                        AntiVPN.getInstance().getExecutor().logException(
+                                String.format("Could not convert ip range to CIDR! %s, %s", start, end), e);
+                    }
+                });
+
+        if(!rangesToInsert.isEmpty()) {
+            AntiVPN.getInstance().getExecutor().log("Inserting %s new ranges into database...", rangesToInsert.size());
+            var documentsToInsert = rangesToInsert.stream().map(cidr -> {
+                Document doc = new Document("setting", "whitelist");
+                doc.append("ip_start", new Decimal128(new BigDecimal(cidr.getStartIpInt())));
+                doc.append("ip_end", new Decimal128(new BigDecimal(cidr.getEndIpInt())));
+                doc.append("cidr_string", cidr.getCidr());
+
+                return doc;
+            }).toList();
+
+            database.settingsDocument.insertMany(documentsToInsert);
+        }
+        if(!rangesToRemove.isEmpty()) {
+            AntiVPN.getInstance().getExecutor().log("Removing %s old ranges from database...", rangesToRemove.size());
+            rangesToRemove.forEach(range -> database.settingsDocument
+                    .deleteMany(Filters.and(
+                            Filters.gte("ip_start", new Decimal128(new BigDecimal(range[0]))),
+                            Filters.lte("ip_end", new Decimal128(new BigDecimal(range[1]))))));
+        }
+
+        if(!ipRanges.isEmpty()) {
+            AntiVPN.getInstance().getExecutor().log("Updating %s CIDRs in database with proper notation...", ipRanges.size());
+
+            ipRanges.forEach(cidr -> database.settingsDocument
+                    .updateMany(Filters.and(Filters.eq("setting", "whitelist"),
+                                    Filters.eq("ip_start", new Decimal128(new BigDecimal(cidr.getStartIpInt()))),
+                                    Filters.eq("ip_end", new Decimal128(new BigDecimal(cidr.getEndIpInt())))),
+                            new Document("$set", new Document("cidr_string", cidr.getCidr()))));
+        }
+
+        var versionCollect = database.antivpnDatabase.getCollection("version");
+        versionCollect.insertOne(new Document("version", versionNumber()));
+    }
+
+    @Override
+    public int versionNumber() {
+        return 2;
+    }
+
+    @Override
+    public boolean needsUpdate(MongoVPN database) {
+        var versionCollect = database.antivpnDatabase.getCollection("version");
+
+        return versionCollect.find(Filters.eq("version", versionNumber())).first() == null;
+    }
+}
@@ -0,0 +1,64 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.sql;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.database.local.H2VPN;
+import dev.brighten.antivpn.database.sql.utils.MySQL;
+import dev.brighten.antivpn.database.version.Version;
+
+import java.util.concurrent.TimeUnit;
+
+public class MySqlVPN extends H2VPN {
+
+    public MySqlVPN() {
+        AntiVPN.getInstance().getExecutor().getThreadExecutor().scheduleAtFixedRate(() -> {
+            if(!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled() || MySQL.isClosed()) return;
+
+            //Refreshing whitelisted players
+            AntiVPN.getInstance().getExecutor().getWhitelisted().clear();
+            AntiVPN.getInstance().getExecutor().getWhitelisted()
+                    .addAll(AntiVPN.getInstance().getDatabase().getAllWhitelisted());
+
+            //Refreshing whitlisted IPs
+            AntiVPN.getInstance().getExecutor().getWhitelistedIps().clear();
+            AntiVPN.getInstance().getExecutor().getWhitelistedIps()
+                    .addAll(AntiVPN.getInstance().getDatabase().getAllWhitelistedIps());
+        }, 2, 30, TimeUnit.SECONDS);
+    }
+
+    @Override
+    public void init() {
+        if (!AntiVPN.getInstance().getVpnConfig().isDatabaseEnabled())
+            return;
+        AntiVPN.getInstance().getExecutor().log("Initializing MySQL...");
+        MySQL.init();
+
+        AntiVPN.getInstance().getExecutor().log("Checking for updates...");
+
+        //Running check for old table types to update
+        try {
+            for (Version<MySqlVPN> version : Version.mysqlVersions) {
+                if(version.needsUpdate(this)) {
+                    version.update(this);
+                }
+            }
+        } catch (Exception e) {
+            throw new RuntimeException("Could not complete version setup due to SQL error", e);
+        }
+    }
+}
@@ -0,0 +1,147 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.sql.utils;
+
+import lombok.Getter;
+import lombok.SneakyThrows;
+
+import java.sql.*;
+import java.util.UUID;
+
+public class ExecutableStatement implements AutoCloseable {
+    @Getter
+    private final PreparedStatement statement;
+    private int pos = 1;
+
+    public ExecutableStatement(PreparedStatement statement) {
+        this.statement = statement;
+    }
+
+    public int execute() throws SQLException {
+        return statement.executeUpdate();
+    }
+
+    public void execute(ResultSetIterator iterator) throws SQLException {
+        try(var rs = statement.executeQuery()) {
+            while (rs.next()) iterator.next(rs);
+        }
+    }
+
+    public int[] executeBatch() throws SQLException {
+        return statement.executeBatch();
+    }
+
+    public ResultSet executeQuery() throws SQLException {
+        return statement.executeQuery();
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(Object obj) {
+        statement.setObject(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(String obj) {
+        statement.setString(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(UUID uuid) {
+        if (uuid != null) statement.setString(pos++, uuid.toString().replace("-", ""));
+        else statement.setString(pos++, null);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(Array obj) {
+        statement.setArray(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(Integer obj) {
+        statement.setInt(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(Short obj) {
+        statement.setShort(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(Long obj) {
+        statement.setLong(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(Float obj) {
+        statement.setFloat(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(Double obj) {
+        statement.setDouble(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(Date obj) {
+        statement.setDate(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(Timestamp obj) {
+        statement.setTimestamp(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(Time obj) {
+        statement.setTime(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(Blob obj) {
+        statement.setBlob(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement append(byte[] obj) {
+        statement.setBytes(pos++, obj);
+        return this;
+    }
+
+    @SneakyThrows
+    public ExecutableStatement addBatch() {
+        statement.addBatch();
+        return this;
+    }
+
+    @Override
+    public void close() throws SQLException {
+        statement.close();
+    }
+}
@@ -0,0 +1,195 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.sql.utils;
+
+import com.mysql.cj.jdbc.Driver;
+import dev.brighten.antivpn.AntiVPN;
+import org.h2.jdbc.JdbcSQLFeatureNotSupportedException;
+import org.h2.jdbc.JdbcSQLNonTransientConnectionException;
+
+import java.io.File;
+import java.io.IOException;
+import java.nio.file.Files;
+import java.sql.Connection;
+import java.sql.SQLException;
+import java.sql.SQLSyntaxErrorException;
+import java.util.Properties;
+import java.util.logging.Level;
+
+public class MySQL {
+    private static Connection conn;
+
+    public static void init() {
+        try {
+            if (conn == null || conn.isClosed()) {
+                String url = "jdbc:mysql://" + AntiVPN.getInstance().getVpnConfig().getIp()
+                        + ":" + AntiVPN.getInstance().getVpnConfig().getPort()
+                        + "/?useSSL=true&autoReconnect=true";
+                Properties properties = new Properties();
+                properties.setProperty("user", AntiVPN.getInstance().getVpnConfig().getUsername());
+                properties.setProperty("password", AntiVPN.getInstance().getVpnConfig().getPassword());
+
+                conn = new Driver().connect(url, properties);
+                if (conn == null) {
+                    throw new SQLException("MySQL driver did not accept URL: " + url);
+                }
+                conn.setAutoCommit(true);
+                Query.use(conn);
+                String databaseName = AntiVPN.getInstance().getVpnConfig().getDatabaseName();
+
+                try {
+                    Query.prepare("CREATE DATABASE IF NOT EXISTS `" + databaseName + "`").execute();
+                } catch (SQLException ex) {
+                    if (!isDatabaseCreationPermissionIssue(ex)) {
+                        throw ex;
+                    }
+
+                    AntiVPN.getInstance().getExecutor().log(
+                            "No permission to create MySQL database `" + databaseName
+                                    + "`. Attempting to use the existing database instead.");
+                }
+
+                Query.prepare("USE `" + databaseName + "`").execute();
+                AntiVPN.getInstance().getExecutor().log("Connection to MySQL has been established.");
+            }
+        } catch (Exception e) {
+            AntiVPN.getInstance().getExecutor().logException("Failed to load mysql: " + e.getMessage(), e);
+            throw new RuntimeException("Could not initialize MySQL connection", e);
+        }
+    }
+
+    private static boolean isDatabaseCreationPermissionIssue(SQLException ex) {
+        return ex instanceof SQLSyntaxErrorException
+                && ex.getMessage() != null
+                && ex.getMessage().contains("Access denied");
+    }
+
+    public static void initH2() {
+        initH2(true);
+    }
+
+    private static void initH2(boolean allowRetry) {
+        File dataFolder = new File(AntiVPN.getInstance().getPluginFolder(), "databases");
+        if (!dataFolder.exists() && dataFolder.mkdirs()) {
+            AntiVPN.getInstance().getExecutor().log("Created database directory");
+        }
+
+        File dbFile = new File(dataFolder, "database.mv.db");
+
+        File databaseFile = new File(dataFolder, "database");
+        try {
+            conn = new NonClosableConnection(new org.h2.jdbc.JdbcConnection("jdbc:h2:file:" +
+                    databaseFile.getAbsolutePath(),
+                    new Properties(), AntiVPN.getInstance().getVpnConfig().getUsername(),
+                    AntiVPN.getInstance().getVpnConfig().getPassword(), false));
+            conn.setAutoCommit(true);
+            Query.use(conn);
+            AntiVPN.getInstance().getExecutor().log("Connection to H2 has been established.");
+        } catch (SQLException ex) {
+            AntiVPN.getInstance().getExecutor().logException("H2 exception on initialize", ex);
+            if(ex instanceof JdbcSQLFeatureNotSupportedException
+                    || ex instanceof JdbcSQLNonTransientConnectionException) {
+                AntiVPN.getInstance().getExecutor()
+                        .log("H2 database file is incompatible with this version of AntiVPN. " +
+                                "Backing up old database file...");
+                shutdown();
+                if (allowRetry && backupOldDB(dbFile, dataFolder)) {
+                    initH2(false);
+                } else {
+                    AntiVPN.getInstance().getExecutor().log(
+                            "Could not back up and remove the incompatible H2 database file automatically.");
+                }
+            } else {
+                AntiVPN.getInstance().getExecutor().logException("Failed to load H2 database: " + ex.getCause().toString(), ex);
+            }
+        } catch (Exception e) {
+            AntiVPN.getInstance().getExecutor().logException("Failed to load H2 database: " + e.getMessage(), e);
+            AntiVPN.getInstance().getExecutor().log(Level.INFO, "TIP: Try deleting the plugin folder and restarting your server!");
+        }
+    }
+
+    public static boolean backupOldDB(File dbFile, File dataFolder) {
+        if (!dbFile.exists()) {
+            return true;
+        }
+
+        if (!dbFile.isFile()) {
+            AntiVPN.getInstance().getExecutor().log("Skipping backup for non-file path: " + dbFile.getAbsolutePath());
+            return false;
+        }
+
+        try {
+            File backupDir = new File(dataFolder, "backups");
+            if(backupDir.mkdirs()) {
+                AntiVPN.getInstance().getExecutor().log("Created backup directory");
+            } else if (backupDir.exists()) {
+                AntiVPN.getInstance().getExecutor().log("Backup directory already exists");
+            } else {
+                AntiVPN.getInstance().getExecutor().log("Could not create backup directory");
+                return false;
+            }
+            File backupFile = new File(backupDir, dbFile.getName() + ".backup_" + System.currentTimeMillis());
+            Files.copy(dbFile.toPath(), backupFile.toPath());
+
+            if (!dbFile.delete()) {
+                dbFile.deleteOnExit();
+                AntiVPN.getInstance().getExecutor().log("Could not delete database file - will try again on shutdown");
+                return false;
+            }
+
+            AntiVPN.getInstance().getExecutor().log("Successfully deleted incompatible database file");
+            return true;
+        } catch (IOException ex) {
+            AntiVPN.getInstance().getExecutor().logException("Failed to handle database file", ex);
+        }
+
+        return false;
+    }
+
+    public static void use() {
+        try {
+            init();
+        } catch (Exception e) {
+            AntiVPN.getInstance().getExecutor().logException(e);
+        }
+    }
+
+    public static void shutdown() {
+        try {
+            if(conn != null && !conn.isClosed()) {
+                if(conn instanceof NonClosableConnection) {
+                    ((NonClosableConnection)conn).shutdown();
+                } else conn.close();
+                conn = null;
+            }
+        } catch (Exception e) {
+            AntiVPN.getInstance().getExecutor().logException(e);
+        }
+    }
+
+    public static boolean isClosed() {
+        if(conn == null)
+            return true;
+
+        try {
+            return conn.isClosed();
+        } catch (SQLException e) {
+            AntiVPN.getInstance().getExecutor().logException(e);
+            return true;
+        }
+    }
+}
@@ -0,0 +1,113 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.sql.utils;
+
+import java.sql.*;
+import java.util.Map;
+import java.util.Properties;
+import java.util.concurrent.Executor;
+
+/**
+ * A wrapper around a {@link Connection} which blocks usage of the default {@link #close()} method.
+ */
+public class NonClosableConnection implements Connection {
+    private final Connection delegate;
+
+    public NonClosableConnection(Connection delegate) {
+        this.delegate = delegate;
+    }
+
+    /**
+     * Actually {@link #close() closes} the underlying connection.
+     */
+    public final void shutdown() throws SQLException {
+        this.delegate.close();
+    }
+
+    @Override
+    public final void close() throws SQLException {
+        // do nothing
+    }
+
+    @Override
+    public final boolean isWrapperFor(Class<?> iface) throws SQLException {
+        return iface.isInstance(this.delegate) || this.delegate.isWrapperFor(iface);
+    }
+
+    @SuppressWarnings("unchecked")
+    @Override
+    public final <T> T unwrap(Class<T> iface) throws SQLException {
+        if (iface.isInstance(this.delegate)) {
+            return (T) this.delegate;
+        }
+        return this.delegate.unwrap(iface);
+    }
+
+    // Forward to the delegate connection
+    @Override public Statement createStatement() throws SQLException { return this.delegate.createStatement(); }
+    @Override public PreparedStatement prepareStatement(String sql) throws SQLException { return this.delegate.prepareStatement(sql); }
+    @Override public CallableStatement prepareCall(String sql) throws SQLException { return this.delegate.prepareCall(sql); }
+    @Override public String nativeSQL(String sql) throws SQLException { return this.delegate.nativeSQL(sql); }
+    @Override public void setAutoCommit(boolean autoCommit) throws SQLException { this.delegate.setAutoCommit(autoCommit); }
+    @Override public boolean getAutoCommit() throws SQLException { return this.delegate.getAutoCommit(); }
+    @Override public void commit() throws SQLException { this.delegate.commit(); }
+    @Override public void rollback() throws SQLException { this.delegate.rollback(); }
+    @Override public boolean isClosed() throws SQLException { return this.delegate.isClosed(); }
+    @Override public DatabaseMetaData getMetaData() throws SQLException { return this.delegate.getMetaData(); }
+    @Override public void setReadOnly(boolean readOnly) throws SQLException { this.delegate.setReadOnly(readOnly); }
+    @Override public boolean isReadOnly() throws SQLException { return this.delegate.isReadOnly(); }
+    @Override public void setCatalog(String catalog) throws SQLException { this.delegate.setCatalog(catalog); }
+    @Override public String getCatalog() throws SQLException { return this.delegate.getCatalog(); }
+    @Override public void setTransactionIsolation(int level) throws SQLException { this.delegate.setTransactionIsolation(level); }
+    @Override public int getTransactionIsolation() throws SQLException { return this.delegate.getTransactionIsolation(); }
+    @Override public SQLWarning getWarnings() throws SQLException { return this.delegate.getWarnings(); }
+    @Override public void clearWarnings() throws SQLException { this.delegate.clearWarnings(); }
+    @Override public Statement createStatement(int resultSetType, int resultSetConcurrency) throws SQLException { return this.delegate.createStatement(resultSetType, resultSetConcurrency); }
+    @Override public PreparedStatement prepareStatement(String sql, int resultSetType, int resultSetConcurrency) throws SQLException { return this.delegate.prepareStatement(sql, resultSetType, resultSetConcurrency); }
+    @Override public CallableStatement prepareCall(String sql, int resultSetType, int resultSetConcurrency) throws SQLException { return this.delegate.prepareCall(sql, resultSetType, resultSetConcurrency); }
+    @Override public Map<String, Class<?>> getTypeMap() throws SQLException { return this.delegate.getTypeMap(); }
+    @Override public void setTypeMap(Map<String, Class<?>> map) throws SQLException { this.delegate.setTypeMap(map); }
+    @Override public void setHoldability(int holdability) throws SQLException { this.delegate.setHoldability(holdability); }
+    @Override public int getHoldability() throws SQLException { return this.delegate.getHoldability(); }
+    @Override public Savepoint setSavepoint() throws SQLException { return this.delegate.setSavepoint(); }
+    @Override public Savepoint setSavepoint(String name) throws SQLException { return this.delegate.setSavepoint(name); }
+    @Override public void rollback(Savepoint savepoint) throws SQLException { this.delegate.rollback(savepoint); }
+    @Override public void releaseSavepoint(Savepoint savepoint) throws SQLException { this.delegate.releaseSavepoint(savepoint); }
+    @Override public Statement createStatement(int resultSetType, int resultSetConcurrency, int resultSetHoldability) throws SQLException { return this.delegate.createStatement(resultSetType, resultSetConcurrency, resultSetHoldability); }
+    @Override public PreparedStatement prepareStatement(String sql, int resultSetType, int resultSetConcurrency, int resultSetHoldability) throws SQLException { return this.delegate.prepareStatement(sql, resultSetType, resultSetConcurrency, resultSetHoldability); }
+    @Override public CallableStatement prepareCall(String sql, int resultSetType, int resultSetConcurrency, int resultSetHoldability) throws SQLException { return this.delegate.prepareCall(sql, resultSetType, resultSetConcurrency, resultSetHoldability); }
+    @Override public PreparedStatement prepareStatement(String sql, int autoGeneratedKeys) throws SQLException { return this.delegate.prepareStatement(sql, autoGeneratedKeys); }
+    @Override public PreparedStatement prepareStatement(String sql, int[] columnIndexes) throws SQLException { return this.delegate.prepareStatement(sql, columnIndexes); }
+    @Override public PreparedStatement prepareStatement(String sql, String[] columnNames) throws SQLException { return this.delegate.prepareStatement(sql, columnNames); }
+    @Override public Clob createClob() throws SQLException { return this.delegate.createClob(); }
+    @Override public Blob createBlob() throws SQLException { return this.delegate.createBlob(); }
+    @Override public NClob createNClob() throws SQLException { return this.delegate.createNClob(); }
+    @Override public SQLXML createSQLXML() throws SQLException { return this.delegate.createSQLXML(); }
+    @Override public boolean isValid(int timeout) throws SQLException { return this.delegate.isValid(timeout); }
+    @Override public void setClientInfo(String name, String value) throws SQLClientInfoException { this.delegate.setClientInfo(name, value); }
+    @Override public void setClientInfo(Properties properties) throws SQLClientInfoException { this.delegate.setClientInfo(properties); }
+    @Override public String getClientInfo(String name) throws SQLException { return this.delegate.getClientInfo(name); }
+    @Override public Properties getClientInfo() throws SQLException { return this.delegate.getClientInfo(); }
+    @Override public Array createArrayOf(String typeName, Object[] elements) throws SQLException { return this.delegate.createArrayOf(typeName, elements); }
+    @Override public Struct createStruct(String typeName, Object[] attributes) throws SQLException { return this.delegate.createStruct(typeName, attributes); }
+    @Override public void setSchema(String schema) throws SQLException { this.delegate.setSchema(schema); }
+    @Override public String getSchema() throws SQLException { return this.delegate.getSchema(); }
+    @Override public void abort(Executor executor) throws SQLException { this.delegate.abort(executor); }
+    @Override public void setNetworkTimeout(Executor executor, int milliseconds) throws SQLException { this.delegate.setNetworkTimeout(executor, milliseconds); }
+    @Override public int getNetworkTimeout() throws SQLException { return this.delegate.getNetworkTimeout(); }
+
+}
@@ -0,0 +1,39 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.sql.utils;
+
+import lombok.Getter;
+import org.intellij.lang.annotations.Language;
+
+import java.sql.Connection;
+import java.sql.SQLException;
+
+public class Query {
+    @Getter
+    private static Connection conn;
+
+    public static void use(Connection conn) {
+        Query.conn = conn;
+    }
+
+    @SuppressWarnings("SqlSourceToSinkFlow")
+    public static ExecutableStatement prepare(@Language("SQL") String sql) throws SQLException {
+        return new ExecutableStatement(conn.prepareStatement(sql));
+    }
+
+
+}
@@ -0,0 +1,24 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.sql.utils;
+
+import java.sql.ResultSet;
+import java.sql.SQLException;
+
+public interface ResultSetIterator {
+    void next(ResultSet rs) throws SQLException;
+}
@@ -0,0 +1,51 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.sql.version;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.database.DatabaseException;
+import dev.brighten.antivpn.database.VPNDatabase;
+import dev.brighten.antivpn.database.local.version.First;
+import dev.brighten.antivpn.database.sql.utils.Query;
+
+import java.sql.SQLException;
+
+public class MySQLFirst extends First {
+
+    @Override
+    public void update(VPNDatabase database) throws DatabaseException {
+        try(var statement = Query.prepare("select `DATA_TYPE` from INFORMATION_SCHEMA.COLUMNS " +
+                "WHERE table_name = 'responses' AND COLUMN_NAME = 'isp';")) {
+            statement.execute(set -> {
+                if(set.getObject("DATA_TYPE").toString().contains("varchar")) {
+                    AntiVPN.getInstance().getExecutor().log("Using old database format for storing responses! " +
+                            "Dropping table and creating a new one...");
+                    try(var state = Query.prepare("drop table `responses`")) {
+                        if(state.execute() > 0) {
+                            AntiVPN.getInstance().getExecutor().log("Successfully dropped table!");
+                        }
+                    }
+
+
+                }
+            });
+        } catch (SQLException e) {
+            throw new DatabaseException("Could not update MySQL database", e);
+        }
+        super.update(database);
+    }
+}
@@ -0,0 +1,40 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.database.version;
+
+import dev.brighten.antivpn.database.DatabaseException;
+import dev.brighten.antivpn.database.local.H2VPN;
+import dev.brighten.antivpn.database.local.version.First;
+import dev.brighten.antivpn.database.local.version.Second;
+import dev.brighten.antivpn.database.local.version.Third;
+import dev.brighten.antivpn.database.mongo.MongoVPN;
+import dev.brighten.antivpn.database.mongo.version.MongoFirst;
+import dev.brighten.antivpn.database.mongo.version.MongoSecond;
+import dev.brighten.antivpn.database.mongo.version.MongoThird;
+import dev.brighten.antivpn.database.sql.MySqlVPN;
+import dev.brighten.antivpn.database.sql.version.MySQLFirst;
+
+
+public interface Version<DB> {
+    void update(DB database) throws DatabaseException;
+    int versionNumber();
+    boolean needsUpdate(DB database);
+
+    Version<MongoVPN>[] mongoDbVersions = new Version[] {new MongoFirst(), new MongoSecond(), new MongoThird()};
+    Version<MySqlVPN>[] mysqlVersions = new Version[] {new MySQLFirst(), new Second(), new Third()};
+    Version<H2VPN>[] h2Versions = new Version[] {new First(), new Second(), new Third()};
+}
@@ -0,0 +1,864 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.depends;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.utils.NonnullByDefault;
+import dev.brighten.antivpn.utils.Supplier;
+import dev.brighten.antivpn.utils.Suppliers;
+import lombok.Getter;
+import org.objectweb.asm.AnnotationVisitor;
+import org.objectweb.asm.ClassReader;
+import org.objectweb.asm.ClassVisitor;
+import org.objectweb.asm.ClassWriter;
+import org.objectweb.asm.FieldVisitor;
+import org.objectweb.asm.MethodVisitor;
+import org.objectweb.asm.Opcodes;
+import org.objectweb.asm.RecordComponentVisitor;
+import org.objectweb.asm.commons.ClassRemapper;
+import org.objectweb.asm.commons.Remapper;
+
+import java.io.*;
+import java.net.MalformedURLException;
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.nio.charset.StandardCharsets;
+import java.nio.file.Files;
+import java.util.*;
+import java.util.jar.JarEntry;
+import java.util.jar.JarFile;
+import java.util.jar.JarOutputStream;
+
+/**
+ * Resolves {@link MavenLibrary} annotations for a class, and loads the dependency
+ * into the classloader.
+ */
+@SuppressWarnings("CallToPrintStackTrace")
+@NonnullByDefault
+public final class LibraryLoader {
+    private static final int RELOCATION_FORMAT_VERSION = 5;
+    private static final String RELOCATION_METADATA_PATH = "META-INF/antivpn-relocation.properties";
+
+    @SuppressWarnings("Guava")
+    private static final Supplier<URLClassLoaderAccess> URL_INJECTOR = AntiVPN.getInstance().getClass().getClassLoader() instanceof URLClassLoader ?
+            Suppliers.memoize(() ->
+                    URLClassLoaderAccess.create((URLClassLoader) AntiVPN.getInstance().getClass().getClassLoader()))
+            : null;
+
+    public static void loadAll(Object object) {
+        if(URL_INJECTOR == null)
+            return;
+        loadAll(object.getClass());
+    }
+
+    public static void loadAll(Class<?> clazz) {
+        if(URL_INJECTOR == null)
+            return;
+        MavenLibrary[] libs = clazz.getDeclaredAnnotationsByType(MavenLibrary.class);
+
+        for (MavenLibrary lib : libs) {
+            // Create relocations map if any are defined
+            Map<String, String> relocations = new HashMap<>();
+            for (Relocate relocate : lib.relocations()) {
+                relocations.put(relocate.from().replace("\\", ""), relocate.to());
+            }
+
+            load(lib.groupId().replace("\\", ""), lib.artifactId(), lib.version(), lib.repo().url(), relocations);
+        }
+    }
+
+    public static void load(String groupId, String artifactId, String version, String repoUrl,
+                            Map<String, String> relocations) {
+        load(new Dependency(groupId, artifactId, version, repoUrl), relocations);
+    }
+
+    public static void load(Dependency d, Map<String, String> relocations) {
+        System.out.printf("Loading dependency %s:%s:%s from %s%n",
+                d.getGroupId(), d.getArtifactId(), d.getVersion(), d.getRepoUrl());
+        String name = d.getArtifactId() + "-" + d.getVersion();
+
+        // If we have relocations, add a suffix to identify the relocated version
+        String fileName = name + ".jar";
+        if (!relocations.isEmpty()) {
+            fileName = name + "-relocated.jar";
+        }
+
+        File saveLocation = new File(getLibFolder(), fileName);
+        File originalJar = new File(getLibFolder(), name + ".jar");
+
+        // Download the original jar if it doesn't exist
+        if (!originalJar.exists()) {
+            try {
+                System.out.println("Dependency '" + name +
+                        "' is not already in the libraries folder. Attempting to download...");
+                URL url = d.getUrl();
+
+                try (InputStream is = url.openStream()) {
+                    Files.copy(is, originalJar.toPath());
+                }
+                System.out.println("Dependency '" + name + "' successfully downloaded.");
+            } catch (Exception e) {
+                e.printStackTrace();
+                throw new RuntimeException("Unable to download dependency: " + d, e);
+            }
+        }
+
+        // Rebuild relocated jars when the relocation format changes or the cached jar is stale.
+        if (!relocations.isEmpty() && shouldRebuildRelocatedJar(saveLocation, relocations)) {
+            try {
+                System.out.println("Relocating packages for " + name + "...");
+                relocateJar(originalJar, saveLocation, relocations);
+                System.out.println("Successfully relocated packages for " + name);
+            } catch (Exception e) {
+                e.printStackTrace();
+                throw new RuntimeException("Failed to relocate packages for dependency: " + d, e);
+            }
+        }
+
+        // Load the appropriate jar (original or relocated)
+        File jarToLoad = relocations.isEmpty() ? originalJar : saveLocation;
+
+        if (!jarToLoad.exists()) {
+            throw new RuntimeException("Unable to find dependency jar: " + jarToLoad.getAbsolutePath());
+        }
+
+        try {
+            URL_INJECTOR.get().addURL(jarToLoad.toURI().toURL());
+        } catch (Exception e) {
+            throw new RuntimeException("Unable to load dependency: " + jarToLoad, e);
+        }
+
+        System.out.println("Loaded dependency '" + name + "' successfully.");
+    }
+
+    private static void relocateJar(File sourceJar, File targetJar, Map<String, String> relocations)
+            throws IOException {
+        // Track service files to avoid duplicates
+        Map<String, StringBuilder> serviceFiles = new HashMap<>();
+
+        Files.deleteIfExists(targetJar.toPath());
+
+        try (JarFile jar = new JarFile(sourceJar);
+             JarOutputStream jos = new JarOutputStream(Files.newOutputStream(targetJar.toPath()))) {
+
+            Enumeration<JarEntry> entries = jar.entries();
+
+            while (entries.hasMoreElements()) {
+                JarEntry entry = entries.nextElement();
+                String name = entry.getName();
+
+                // Skip directories
+                if (entry.isDirectory()) {
+                    continue;
+                }
+
+                try (InputStream is = jar.getInputStream(entry)) {
+                    if (name.startsWith("META-INF/services/")) {
+                        // Process service files but don't write yet
+                        processServiceFile(name, is, serviceFiles, relocations);
+                    } else if (name.endsWith(".class")) {
+                        // Relocate class file path as well as content
+                        String relocatedPath = relocateClassPath(name, relocations);
+
+                        JarEntry newEntry = new JarEntry(relocatedPath);
+                        jos.putNextEntry(newEntry);
+
+                        byte[] classBytes = readAllBytes(is);
+                        byte[] relocatedBytes = relocateClass(name, classBytes, relocations);
+                        jos.write(relocatedBytes);
+                        jos.closeEntry();
+                    } else {
+                        // Relocate package-scoped resources so ResourceBundle lookups follow relocated packages.
+                        String relocatedPath = relocateResourcePath(name, relocations);
+
+                        JarEntry newEntry = new JarEntry(relocatedPath);
+                        jos.putNextEntry(newEntry);
+                        copyStream(is, jos);
+                        jos.closeEntry();
+                    }
+                }
+            }
+
+            // Now write all service files after processing
+            for (Map.Entry<String, StringBuilder> entry : serviceFiles.entrySet()) {
+                try {
+                    JarEntry serviceEntry = new JarEntry(entry.getKey());
+                    jos.putNextEntry(serviceEntry);
+                    jos.write(entry.getValue().toString().getBytes(StandardCharsets.UTF_8));
+                    jos.closeEntry();
+                } catch (Exception e) {
+                    // Log but continue with other service files
+                    System.out.println("Warning: Could not write service file " +
+                            entry.getKey() + ": " + e.getMessage());
+                }
+            }
+
+            writeRelocationMetadata(jos, relocations);
+        }
+
+        validateRelocatedJar(targetJar, relocations);
+    }
+
+    private static boolean shouldRebuildRelocatedJar(File relocatedJar, Map<String, String> relocations) {
+        if (!relocatedJar.exists()) {
+            return true;
+        }
+
+        try (JarFile jar = new JarFile(relocatedJar)) {
+            JarEntry metadataEntry = jar.getJarEntry(RELOCATION_METADATA_PATH);
+            if (metadataEntry == null) {
+                return true;
+            }
+
+            Properties metadata = new Properties();
+            try (InputStream is = jar.getInputStream(metadataEntry)) {
+                metadata.load(is);
+            }
+
+            if (!String.valueOf(RELOCATION_FORMAT_VERSION).equals(metadata.getProperty("formatVersion"))) {
+                return true;
+            }
+
+            for (Map.Entry<String, String> relocation : relocations.entrySet()) {
+                String key = "relocation." + relocation.getKey();
+                if (!relocation.getValue().equals(metadata.getProperty(key))) {
+                    return true;
+                }
+            }
+
+            return Integer.toString(relocations.size()).equals(metadata.getProperty("relocationCount"));
+        } catch (IOException e) {
+            return true;
+        }
+    }
+
+    private static void writeRelocationMetadata(JarOutputStream jos, Map<String, String> relocations)
+            throws IOException {
+        Properties metadata = new Properties();
+        metadata.setProperty("formatVersion", Integer.toString(RELOCATION_FORMAT_VERSION));
+        metadata.setProperty("relocationCount", Integer.toString(relocations.size()));
+
+        Map<String, String> sortedRelocations = new TreeMap<>(relocations);
+        for (Map.Entry<String, String> relocation : sortedRelocations.entrySet()) {
+            metadata.setProperty("relocation." + relocation.getKey(), relocation.getValue());
+        }
+
+        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
+        metadata.store(buffer, "AntiVPN relocation metadata");
+
+        JarEntry metadataEntry = new JarEntry(RELOCATION_METADATA_PATH);
+        jos.putNextEntry(metadataEntry);
+        jos.write(buffer.toByteArray());
+        jos.closeEntry();
+    }
+
+    private static void processServiceFile(String name, InputStream is,
+                                           Map<String, StringBuilder> serviceFiles,
+                                           Map<String, String> relocations) throws IOException {
+        // Read service file content
+        String content = new String(readAllBytes(is));
+        StringBuilder contentBuilder = serviceFiles.computeIfAbsent(name, k -> new StringBuilder());
+
+        // Process and relocate service implementations
+        for (String line : content.split("\n")) {
+            String trimmed = line.trim();
+            if (!trimmed.isEmpty() && !trimmed.startsWith("#")) {
+                for (Map.Entry<String, String> relocation : relocations.entrySet()) {
+                    if (trimmed.startsWith(relocation.getKey())) {
+                        trimmed = relocation.getValue() +
+                                trimmed.substring(relocation.getKey().length());
+                        break;
+                    }
+                }
+            }
+            contentBuilder.append(trimmed).append("\n");
+        }
+    }
+
+    private static byte[] relocateClass(String entryName, byte[] classBytes, Map<String, String> relocations) {
+        try {
+            // Convert to slash notation for ASM
+            Remapper prefixRemapper = getPrefixRemapper(relocations);
+
+            // Create custom ClassWriter to handle missing classes
+            ClassReader reader = new ClassReader(classBytes);
+            ClassWriter writer = new ClassWriter(ClassWriter.COMPUTE_MAXS) {
+                @Override
+                protected String getCommonSuperClass(String type1, String type2) {
+                    try {
+                        return super.getCommonSuperClass(type1, type2);
+                    } catch (RuntimeException e) {
+                        // Fall back to Object when classes can't be loaded
+                        return "java/lang/Object";
+                    }
+                }
+            };
+
+            ClassVisitor visitor = createStringRelocationVisitor(new ClassRemapper(writer, prefixRemapper), relocations);
+            visitor = createMySqlUtilFallbackVisitor(entryName, visitor);
+
+            // Process class with remapper
+            reader.accept(visitor, 0);
+
+            return relocateUtf8Constants(writer.toByteArray(), relocations);
+        } catch (Exception e) {
+            throw new IllegalStateException("Failed to relocate class entry " + entryName, e);
+        }
+    }
+
+    public static String relocateReflectiveClassName(String className) {
+        if (className == null || className.startsWith("dev.brighten.antivpn.shaded.")) {
+            return className;
+        }
+
+        if (className.startsWith("com.mysql.cj") || className.startsWith("com.mysql.jdbc")) {
+            return "dev.brighten.antivpn.shaded." + className;
+        }
+
+        return className;
+    }
+
+    private static byte[] relocateUtf8Constants(byte[] classBytes, Map<String, String> relocations) throws IOException {
+        Map<String, String> dotMappings = new HashMap<>();
+        Map<String, String> slashMappings = new HashMap<>();
+        for (Map.Entry<String, String> entry : relocations.entrySet()) {
+            dotMappings.put(entry.getKey(), entry.getValue());
+            slashMappings.put(entry.getKey().replace('.', '/'), entry.getValue().replace('.', '/'));
+        }
+
+        DataInputStream in = new DataInputStream(new ByteArrayInputStream(classBytes));
+        ByteArrayOutputStream baos = new ByteArrayOutputStream(classBytes.length + 256);
+        DataOutputStream out = new DataOutputStream(baos);
+
+        out.writeInt(in.readInt());
+        out.writeShort(in.readUnsignedShort());
+        out.writeShort(in.readUnsignedShort());
+
+        int constantPoolCount = in.readUnsignedShort();
+        out.writeShort(constantPoolCount);
+
+        for (int i = 1; i < constantPoolCount; i++) {
+            int tag = in.readUnsignedByte();
+            out.writeByte(tag);
+
+            switch (tag) {
+                case 1 -> {
+                    String value = in.readUTF();
+                    String relocated = relocateStringValue(value, dotMappings, slashMappings);
+                    out.writeUTF(relocated);
+                }
+                case 3, 4 -> out.writeInt(in.readInt());
+                case 5, 6 -> {
+                    out.writeLong(in.readLong());
+                    i++;
+                }
+                case 7, 8, 16, 19, 20 -> out.writeShort(in.readUnsignedShort());
+                case 9, 10, 11, 12, 17, 18 -> {
+                    out.writeShort(in.readUnsignedShort());
+                    out.writeShort(in.readUnsignedShort());
+                }
+                case 15 -> {
+                    out.writeByte(in.readUnsignedByte());
+                    out.writeShort(in.readUnsignedShort());
+                }
+                default -> throw new IOException("Unknown constant pool tag " + tag);
+            }
+        }
+
+        copyStream(in, out);
+        out.flush();
+        return baos.toByteArray();
+    }
+
+    private static Remapper getPrefixRemapper(Map<String, String> relocations) {
+        Map<String, String> slashMappings = new HashMap<>();
+        Map<String, String> dotMappings = new HashMap<>();
+        for (Map.Entry<String, String> entry : relocations.entrySet()) {
+            dotMappings.put(entry.getKey(), entry.getValue());
+            String fromSlash = entry.getKey().replace('.', '/');
+            String toSlash = entry.getValue().replace('.', '/');
+            slashMappings.put(fromSlash, toSlash);
+        }
+
+        // Create customized remapper for package prefixes
+        return new Remapper() {
+            @Override
+            public String map(String typeName) {
+                if (typeName == null) return null;
+
+                for (Map.Entry<String, String> entry : slashMappings.entrySet()) {
+                    String from = entry.getKey();
+                    String to = entry.getValue();
+
+                    if (typeName.startsWith(from)) {
+                        return to + typeName.substring(from.length());
+                    }
+                }
+                return typeName;
+            }
+
+            @Override
+            public Object mapValue(Object value) {
+                if (value instanceof String stringValue) {
+                    return relocateStringValue(stringValue, dotMappings, slashMappings);
+                }
+                return super.mapValue(value);
+            }
+        };
+    }
+
+    private static ClassVisitor createMySqlUtilFallbackVisitor(String entryName, ClassVisitor delegate) {
+        if (!"com/mysql/cj/util/Util.class".equals(entryName)) {
+            return delegate;
+        }
+
+        return new ClassVisitor(Opcodes.ASM9, delegate) {
+            @Override
+            public MethodVisitor visitMethod(int access, String name, String descriptor, String signature,
+                                             String[] exceptions) {
+                MethodVisitor visitor = super.visitMethod(access, name, descriptor, signature, exceptions);
+                if (visitor == null) {
+                    return null;
+                }
+
+                if (!"getInstance".equals(name)
+                        || !"(Ljava/lang/Class;Ljava/lang/String;[Ljava/lang/Class;[Ljava/lang/Object;Lcom/mysql/cj/exceptions/ExceptionInterceptor;)Ljava/lang/Object;".equals(descriptor)) {
+                    return visitor;
+                }
+
+                return new MethodVisitor(Opcodes.ASM9, visitor) {
+                    @Override
+                    public void visitCode() {
+                        super.visitCode();
+                        super.visitVarInsn(Opcodes.ALOAD, 1);
+                        super.visitMethodInsn(Opcodes.INVOKESTATIC,
+                                "dev/brighten/antivpn/depends/LibraryLoader",
+                                "relocateReflectiveClassName",
+                                "(Ljava/lang/String;)Ljava/lang/String;",
+                                false);
+                        super.visitVarInsn(Opcodes.ASTORE, 1);
+                    }
+                };
+            }
+        };
+    }
+
+    private static ClassVisitor createStringRelocationVisitor(ClassVisitor delegate,
+                                                              Map<String, String> relocations) {
+        Map<String, String> dotMappings = new HashMap<>();
+        Map<String, String> slashMappings = new HashMap<>();
+        for (Map.Entry<String, String> entry : relocations.entrySet()) {
+            dotMappings.put(entry.getKey(), entry.getValue());
+            slashMappings.put(entry.getKey().replace('.', '/'), entry.getValue().replace('.', '/'));
+        }
+
+        return new ClassVisitor(Opcodes.ASM9, delegate) {
+            @Override
+            public AnnotationVisitor visitAnnotation(String descriptor, boolean visible) {
+                return wrapAnnotationVisitor(super.visitAnnotation(descriptor, visible), dotMappings, slashMappings);
+            }
+
+            @Override
+            public AnnotationVisitor visitTypeAnnotation(int typeRef, org.objectweb.asm.TypePath typePath,
+                                                         String descriptor, boolean visible) {
+                return wrapAnnotationVisitor(super.visitTypeAnnotation(typeRef, typePath, descriptor, visible),
+                        dotMappings, slashMappings);
+            }
+
+            @Override
+            public RecordComponentVisitor visitRecordComponent(String name, String descriptor, String signature) {
+                RecordComponentVisitor visitor = super.visitRecordComponent(name, descriptor, signature);
+                if (visitor == null) {
+                    return null;
+                }
+                return new RecordComponentVisitor(Opcodes.ASM9, visitor) {
+                    @Override
+                    public AnnotationVisitor visitAnnotation(String descriptor, boolean visible) {
+                        return wrapAnnotationVisitor(super.visitAnnotation(descriptor, visible),
+                                dotMappings, slashMappings);
+                    }
+
+                    @Override
+                    public AnnotationVisitor visitTypeAnnotation(int typeRef, org.objectweb.asm.TypePath typePath,
+                                                                 String descriptor, boolean visible) {
+                        return wrapAnnotationVisitor(super.visitTypeAnnotation(typeRef, typePath, descriptor, visible),
+                                dotMappings, slashMappings);
+                    }
+                };
+            }
+
+            @Override
+            public FieldVisitor visitField(int access, String name, String descriptor, String signature, Object value) {
+                FieldVisitor visitor = super.visitField(access, name, descriptor, signature,
+                        relocateAsmValue(value, dotMappings, slashMappings));
+                if (visitor == null) {
+                    return null;
+                }
+                return new FieldVisitor(Opcodes.ASM9, visitor) {
+                    @Override
+                    public AnnotationVisitor visitAnnotation(String descriptor, boolean visible) {
+                        return wrapAnnotationVisitor(super.visitAnnotation(descriptor, visible),
+                                dotMappings, slashMappings);
+                    }
+
+                    @Override
+                    public AnnotationVisitor visitTypeAnnotation(int typeRef, org.objectweb.asm.TypePath typePath,
+                                                                 String descriptor, boolean visible) {
+                        return wrapAnnotationVisitor(super.visitTypeAnnotation(typeRef, typePath, descriptor, visible),
+                                dotMappings, slashMappings);
+                    }
+                };
+            }
+
+            @Override
+            public MethodVisitor visitMethod(int access, String name, String descriptor, String signature,
+                                             String[] exceptions) {
+                MethodVisitor visitor = super.visitMethod(access, name, descriptor, signature, exceptions);
+                if (visitor == null) {
+                    return null;
+                }
+                return new MethodVisitor(Opcodes.ASM9, visitor) {
+                    @Override
+                    public AnnotationVisitor visitAnnotationDefault() {
+                        return wrapAnnotationVisitor(super.visitAnnotationDefault(), dotMappings, slashMappings);
+                    }
+
+                    @Override
+                    public AnnotationVisitor visitAnnotation(String descriptor, boolean visible) {
+                        return wrapAnnotationVisitor(super.visitAnnotation(descriptor, visible),
+                                dotMappings, slashMappings);
+                    }
+
+                    @Override
+                    public AnnotationVisitor visitTypeAnnotation(int typeRef, org.objectweb.asm.TypePath typePath,
+                                                                 String descriptor, boolean visible) {
+                        return wrapAnnotationVisitor(super.visitTypeAnnotation(typeRef, typePath, descriptor, visible),
+                                dotMappings, slashMappings);
+                    }
+
+                    @Override
+                    public AnnotationVisitor visitParameterAnnotation(int parameter, String descriptor,
+                                                                     boolean visible) {
+                        return wrapAnnotationVisitor(super.visitParameterAnnotation(parameter, descriptor, visible),
+                                dotMappings, slashMappings);
+                    }
+
+                    @Override
+                    public AnnotationVisitor visitInsnAnnotation(int typeRef, org.objectweb.asm.TypePath typePath,
+                                                                 String descriptor, boolean visible) {
+                        return wrapAnnotationVisitor(super.visitInsnAnnotation(typeRef, typePath, descriptor, visible),
+                                dotMappings, slashMappings);
+                    }
+
+                    @Override
+                    public AnnotationVisitor visitTryCatchAnnotation(int typeRef, org.objectweb.asm.TypePath typePath,
+                                                                     String descriptor, boolean visible) {
+                        return wrapAnnotationVisitor(super.visitTryCatchAnnotation(typeRef, typePath, descriptor, visible),
+                                dotMappings, slashMappings);
+                    }
+
+                    @Override
+                    public AnnotationVisitor visitLocalVariableAnnotation(int typeRef,
+                                                                          org.objectweb.asm.TypePath typePath,
+                                                                          org.objectweb.asm.Label[] start,
+                                                                          org.objectweb.asm.Label[] end,
+                                                                          int[] index, String descriptor,
+                                                                          boolean visible) {
+                        return wrapAnnotationVisitor(
+                                super.visitLocalVariableAnnotation(typeRef, typePath, start, end, index, descriptor, visible),
+                                dotMappings, slashMappings);
+                    }
+
+                    @Override
+                    public void visitLdcInsn(Object value) {
+                        super.visitLdcInsn(relocateAsmValue(value, dotMappings, slashMappings));
+                    }
+
+                    @Override
+                    public void visitInvokeDynamicInsn(String name, String descriptor, org.objectweb.asm.Handle bootstrapMethodHandle,
+                                                       Object... bootstrapMethodArguments) {
+                        Object[] relocatedArgs = new Object[bootstrapMethodArguments.length];
+                        for (int i = 0; i < bootstrapMethodArguments.length; i++) {
+                            relocatedArgs[i] = relocateAsmValue(bootstrapMethodArguments[i], dotMappings, slashMappings);
+                        }
+                        super.visitInvokeDynamicInsn(name, descriptor, bootstrapMethodHandle, relocatedArgs);
+                    }
+                };
+            }
+        };
+    }
+
+    private static AnnotationVisitor wrapAnnotationVisitor(AnnotationVisitor delegate,
+                                                           Map<String, String> dotMappings,
+                                                           Map<String, String> slashMappings) {
+        if (delegate == null) {
+            return null;
+        }
+
+        return new AnnotationVisitor(Opcodes.ASM9, delegate) {
+            @Override
+            public void visit(String name, Object value) {
+                super.visit(name, relocateAsmValue(value, dotMappings, slashMappings));
+            }
+
+            @Override
+            public AnnotationVisitor visitAnnotation(String name, String descriptor) {
+                return wrapAnnotationVisitor(super.visitAnnotation(name, descriptor), dotMappings, slashMappings);
+            }
+
+            @Override
+            public AnnotationVisitor visitArray(String name) {
+                return wrapAnnotationVisitor(super.visitArray(name), dotMappings, slashMappings);
+            }
+        };
+    }
+
+    private static Object relocateAsmValue(Object value, Map<String, String> dotMappings,
+                                           Map<String, String> slashMappings) {
+        if (value instanceof String stringValue) {
+            return relocateStringValue(stringValue, dotMappings, slashMappings);
+        }
+
+        return value;
+    }
+
+    private static String relocateStringValue(String value, Map<String, String> dotMappings,
+                                              Map<String, String> slashMappings) {
+        for (Map.Entry<String, String> entry : dotMappings.entrySet()) {
+            String from = entry.getKey();
+            String relocated = relocateByPrefixes(value, from, entry.getValue(), '.', '$');
+            if (!relocated.equals(value)) {
+                return relocated;
+            }
+        }
+
+        for (Map.Entry<String, String> entry : slashMappings.entrySet()) {
+            String from = entry.getKey();
+            String to = entry.getValue();
+
+            String relocated = relocateByPrefixes(value, from, to, '/', '$');
+            if (!relocated.equals(value)) {
+                return relocated;
+            }
+
+            relocated = relocateByPrefixes(value, "/" + from, "/" + to, '/', '$');
+            if (!relocated.equals(value)) {
+                return relocated;
+            }
+
+            relocated = relocateByPrefixes(value, "L" + from, "L" + to, '/', '$', ';');
+            if (!relocated.equals(value)) {
+                return relocated;
+            }
+
+            relocated = relocateByPrefixes(value, "[L" + from, "[L" + to, '/', '$', ';');
+            if (!relocated.equals(value)) {
+                return relocated;
+            }
+        }
+
+        return value;
+    }
+
+    private static String relocateByPrefixes(String value, String from, String to, char... delimiters) {
+        if (value.equals(from)) {
+            return to;
+        }
+
+        for (char delimiter : delimiters) {
+            if (value.startsWith(from + delimiter)) {
+                return to + value.substring(from.length());
+            }
+        }
+
+        return value;
+    }
+
+    private static void validateRelocatedJar(File targetJar, Map<String, String> relocations) throws IOException {
+        Set<String> relocatedPrefixes = new HashSet<>();
+        Map<String, String> dotMappings = new HashMap<>();
+        Map<String, String> slashMappings = new HashMap<>();
+        for (Map.Entry<String, String> relocation : relocations.entrySet()) {
+            relocatedPrefixes.add(relocation.getValue().replace('.', '/') + "/");
+            dotMappings.put(relocation.getKey(), relocation.getValue());
+            slashMappings.put(relocation.getKey().replace('.', '/'), relocation.getValue().replace('.', '/'));
+        }
+
+        try (JarFile jar = new JarFile(targetJar)) {
+            Enumeration<JarEntry> entries = jar.entries();
+            while (entries.hasMoreElements()) {
+                JarEntry entry = entries.nextElement();
+                if (entry.isDirectory() || !entry.getName().endsWith(".class")) {
+                    continue;
+                }
+
+                boolean shouldValidate = false;
+                for (String relocatedPrefix : relocatedPrefixes) {
+                    if (entry.getName().startsWith(relocatedPrefix)) {
+                        shouldValidate = true;
+                        break;
+                    }
+                }
+
+                if (!shouldValidate) {
+                    continue;
+                }
+
+                try (InputStream is = jar.getInputStream(entry)) {
+                    findUnrelocatedConstant(entry.getName(), readAllBytes(is), dotMappings, slashMappings);
+                }
+            }
+        }
+    }
+
+    private static void findUnrelocatedConstant(String entryName, byte[] classBytes, Map<String, String> dotMappings,
+                                                Map<String, String> slashMappings) throws IOException {
+        DataInputStream in = new DataInputStream(new ByteArrayInputStream(classBytes));
+        in.readInt();
+        in.readUnsignedShort();
+        in.readUnsignedShort();
+        int constantPoolCount = in.readUnsignedShort();
+
+        for (int i = 1; i < constantPoolCount; i++) {
+            int tag = in.readUnsignedByte();
+            switch (tag) {
+                case 1 -> {
+                    String value = in.readUTF();
+                    String relocated = relocateStringValue(value, dotMappings, slashMappings);
+                    if (!value.equals(relocated)) {
+                        throw new IOException("Relocated jar still contains original reference '" + value
+                                + "' in class entry " + entryName);
+                    }
+                }
+                case 3, 4 -> in.readInt();
+                case 5, 6 -> {
+                    in.readLong();
+                    i++;
+                }
+                case 7, 8, 16, 19, 20 -> in.readUnsignedShort();
+                case 9, 10, 11, 12, 17, 18 -> {
+                    in.readUnsignedShort();
+                    in.readUnsignedShort();
+                }
+                case 15 -> {
+                    in.readUnsignedByte();
+                    in.readUnsignedShort();
+                }
+                default -> throw new IOException("Unknown constant pool tag " + tag + " while validating " + entryName);
+            }
+        }
+    }
+
+    private static String relocateClassPath(String path, Map<String, String> relocations) {
+        // Convert path to package format (replacing / with .)
+        String packagePath = path.substring(0, path.length() - 6).replace('/', '.');
+
+        // Apply relocations
+        for (Map.Entry<String, String> relocation : relocations.entrySet()) {
+            if (packagePath.startsWith(relocation.getKey())) {
+                packagePath = relocation.getValue() + packagePath.substring(relocation.getKey().length());
+                break;
+            }
+        }
+
+        // Convert back to path format
+        return packagePath.replace('.', '/') + ".class";
+    }
+
+    private static String relocateResourcePath(String path, Map<String, String> relocations) {
+        if (path.startsWith("META-INF/")) {
+            return path;
+        }
+
+        for (Map.Entry<String, String> relocation : relocations.entrySet()) {
+            String fromPath = relocation.getKey().replace('.', '/');
+            String toPath = relocation.getValue().replace('.', '/');
+
+            if (path.startsWith(fromPath + "/")) {
+                return toPath + path.substring(fromPath.length());
+            }
+        }
+
+        return path;
+    }
+
+    private static byte[] readAllBytes(InputStream is) throws IOException {
+        ByteArrayOutputStream buffer = new ByteArrayOutputStream();
+        int bytesRead;
+        byte[] data = new byte[1024];
+        while ((bytesRead = is.read(data, 0, data.length)) != -1) {
+            buffer.write(data, 0, bytesRead);
+        }
+        return buffer.toByteArray();
+    }
+
+    private static void copyStream(InputStream is, OutputStream os) throws IOException {
+        byte[] buffer = new byte[1024];
+        int bytesRead;
+        while ((bytesRead = is.read(buffer)) != -1) {
+            os.write(buffer, 0, bytesRead);
+        }
+    }
+
+    private static File getLibFolder() {
+        File pluginDataFolder = AntiVPN.getInstance().getPluginFolder();
+        File libs = new File(pluginDataFolder, "libraries");
+        if(libs.mkdirs()) {
+            System.out.println("Created libraries folder!");
+        }
+        return libs;
+    }
+
+    @Getter
+    @NonnullByDefault
+// Fix the Dependency class to preserve original groupId for downloading
+    public static final class Dependency {
+        private final String groupId;
+        private final String artifactId;
+        private final String version;
+        private final String repoUrl;
+        // Keep the original groupId/artifactId for Maven downloads
+        private final String originalGroupId;
+        private final String originalArtifactId;
+
+        public Dependency(String groupId, String artifactId, String version, String repoUrl) {
+            this.originalGroupId = Objects.requireNonNull(groupId, "groupId");
+            this.originalArtifactId = Objects.requireNonNull(artifactId, "artifactId");
+            this.groupId = this.originalGroupId;
+            this.artifactId = this.originalArtifactId;
+            this.version = Objects.requireNonNull(version, "version");
+            this.repoUrl = Objects.requireNonNull(repoUrl, "repoUrl");
+        }
+
+        public URL getUrl() throws MalformedURLException {
+            String repo = this.repoUrl;
+            if (!repo.endsWith("/")) {
+                repo += "/";
+            }
+            repo += "%s/%s/%s/%s-%s.jar";
+
+            // Always use original groupId for Maven repository URL
+            String url = String.format(repo, this.originalGroupId.replace(".", "/"),
+                    this.originalArtifactId, this.version, this.originalArtifactId, this.version);
+            return new URL(url);
+        }
+
+        // Rest of the class unchanged
+    }
+
+
+}
@@ -0,0 +1,31 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.depends;
+
+import java.lang.annotation.*;
+
+/**
+ * Annotation to indicate the required libraries for a class.
+ */
+@Documented
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface MavenLibraries {
+
+    MavenLibrary[] value() default {};
+
+}
@@ -0,0 +1,60 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.depends;
+
+import java.lang.annotation.*;
+
+/**
+ * Annotation to indicate a required library for a class.
+ */
+@Documented
+@Repeatable(MavenLibraries.class)
+@Target(ElementType.TYPE)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface MavenLibrary {
+
+    /**
+     * The group id of the library
+     *
+     * @return the group id of the library
+     */
+    String groupId();
+
+    /**
+     * The artifact id of the library
+     *
+     * @return the artifact id of the library
+     */
+    String artifactId();
+
+    /**
+     * The version of the library
+     *
+     * @return the version of the library
+     */
+    String version();
+
+    /**
+     * The repo where the library can be obtained from
+     *
+     * @return the repo where the library can be obtained from
+     */
+    Repository repo() default @Repository(url = "https://repo1.maven.org/maven2");
+
+    Relocate[] relocations() default {}; // Add this line
+
+}
@@ -0,0 +1,30 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.depends;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Documented
+@Retention(RetentionPolicy.RUNTIME)
+@Target({})
+public @interface Relocate {
+    String from();
+    String to();
+}
@@ -0,0 +1,36 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.depends;
+
+import java.lang.annotation.*;
+
+/**
+ * Represents a maven repository.
+ */
+@Documented
+@Target(ElementType.LOCAL_VARIABLE)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface Repository {
+
+    /**
+     * Gets the base url of the repository.
+     *
+     * @return the base url of the repository
+     */
+    String url();
+
+}
@@ -0,0 +1,166 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.depends;
+
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+import java.net.URL;
+import java.net.URLClassLoader;
+import java.util.Collection;
+
+/**
+ * Provides access to {@link URLClassLoader}#addURL.
+ */
+public abstract class URLClassLoaderAccess {
+
+    /**
+     * Creates a {@link URLClassLoaderAccess} for the given class loader.
+     *
+     * @param classLoader the class loader
+     * @return the access object
+     */
+    static URLClassLoaderAccess create(URLClassLoader classLoader) {
+        if (Reflection.isSupported()) {
+            return new Reflection(classLoader);
+        } else if (Unsafe.isSupported()) {
+            return new Unsafe(classLoader);
+        } else {
+            return Noop.INSTANCE;
+        }
+    }
+
+    private final URLClassLoader classLoader;
+
+    protected URLClassLoaderAccess(URLClassLoader classLoader) {
+        this.classLoader = classLoader;
+    }
+
+
+    /**
+     * Adds the given URL to the class loader.
+     *
+     * @param url the URL to add
+     */
+    public abstract void addURL(URL url);
+
+    /**
+     * Accesses using reflection, not supported on Java 9+.
+     */
+    private static class Reflection extends URLClassLoaderAccess {
+        private static final Method ADD_URL_METHOD;
+
+        static {
+            Method addUrlMethod;
+            try {
+                addUrlMethod = URLClassLoader.class.getDeclaredMethod("addURL", URL.class);
+                addUrlMethod.setAccessible(true);
+            } catch (Exception e) {
+                addUrlMethod = null;
+            }
+            ADD_URL_METHOD = addUrlMethod;
+        }
+
+        private static boolean isSupported() {
+            return ADD_URL_METHOD != null;
+        }
+
+        Reflection(URLClassLoader classLoader) {
+            super(classLoader);
+        }
+
+        @Override
+        public void addURL(URL url) {
+            try {
+                ADD_URL_METHOD.invoke(super.classLoader, url);
+            } catch (ReflectiveOperationException e) {
+                throw new RuntimeException(e);
+            }
+        }
+    }
+
+    /**
+     * Accesses using sun.misc.Unsafe, supported on Java 9+.
+     *
+     * @author Vaishnav Anil (<a href="https://github.com/slimjar/slimjar">...</a>)
+     */
+    private static class Unsafe extends URLClassLoaderAccess {
+        private static final sun.misc.Unsafe UNSAFE;
+
+        static {
+            sun.misc.Unsafe unsafe;
+            try {
+                Field unsafeField = sun.misc.Unsafe.class.getDeclaredField("theUnsafe");
+                unsafeField.setAccessible(true);
+                unsafe = (sun.misc.Unsafe) unsafeField.get(null);
+            } catch (Throwable t) {
+                unsafe = null;
+            }
+            UNSAFE = unsafe;
+        }
+
+        private static boolean isSupported() {
+            return UNSAFE != null;
+        }
+
+        private final Collection<URL> unopenedURLs;
+        private final Collection<URL> pathURLs;
+
+        @SuppressWarnings("unchecked")
+        Unsafe(URLClassLoader classLoader) {
+            super(classLoader);
+
+            Collection<URL> unopenedURLs;
+            Collection<URL> pathURLs;
+            try {
+                Object ucp = fetchField(URLClassLoader.class, classLoader, "ucp");
+                unopenedURLs = (Collection<URL>) fetchField(ucp.getClass(), ucp, "unopenedUrls");
+                pathURLs = (Collection<URL>) fetchField(ucp.getClass(), ucp, "path");
+            } catch (Throwable e) {
+                unopenedURLs = null;
+                pathURLs = null;
+            }
+            this.unopenedURLs = unopenedURLs;
+            this.pathURLs = pathURLs;
+        }
+
+        private static Object fetchField(final Class<?> clazz, final Object object, final String name) throws NoSuchFieldException {
+            Field field = clazz.getDeclaredField(name);
+            long offset = UNSAFE.objectFieldOffset(field);
+            return UNSAFE.getObject(object, offset);
+        }
+
+        @Override
+        public void addURL(URL url) {
+            this.unopenedURLs.add(url);
+            this.pathURLs.add(url);
+        }
+    }
+
+    private static class Noop extends URLClassLoaderAccess {
+        private static final Noop INSTANCE = new Noop();
+
+        private Noop() {
+            super(null);
+        }
+
+        @Override
+        public void addURL(URL url) {
+            throw new UnsupportedOperationException();
+        }
+    }
+
+}
@@ -0,0 +1,62 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.message;
+
+import dev.brighten.antivpn.AntiVPN;
+
+import java.util.HashMap;
+import java.util.Map;
+import java.util.function.Function;
+
+public class MessageHandler {
+    private final Map<String, VpnString> messages = new HashMap<>();
+
+    public VpnString getString(String key) {
+        if(!messages.containsKey(key)) {
+            throw new NullPointerException("There is no VpnString with the key \"" + key + "\"");
+        }
+
+        return messages.get(key);
+    }
+
+    public void reloadStrings() {
+        for (VpnString value : messages.values()) {
+            value.updateString();
+        }
+    }
+
+    public void clearStrings() {
+        messages.clear();
+    }
+
+    public void addString(VpnString string, Function<VpnString, String> getter) {
+        string.setConfigStringGetter(getter);
+        getter.apply(string);
+        AntiVPN.getInstance().getExecutor().log("Added string " + string.getKey());
+        messages.put(string.getKey(), string);
+    }
+
+    public void initStrings(Function<VpnString, String> getter) {
+        addString(new VpnString("command-misc-playerRequired",
+                "&cYou must be a player to execute this command!"), getter);
+        addString(new VpnString("command-alerts-toggled",
+                "&7Your player proxy notifications have been set to: &e%state%"), getter);
+        addString(new VpnString("command-reload-complete",
+                        "&aSuccessfully reloaded KauriVPN plugin!"), getter);
+        addString(new VpnString("no-permission", "&cNo permission."), getter);
+    }
+}
@@ -0,0 +1,74 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.message;
+
+import dev.brighten.antivpn.api.APIPlayer;
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+import lombok.Setter;
+import lombok.SneakyThrows;
+
+import java.util.function.Function;
+
+@Getter
+public class VpnString {
+    private final String key;
+    private final String defaultMessage;
+    private String message;
+    @Setter
+    private Function<VpnString, String> configStringGetter;
+
+    public VpnString(String key, String defaultMessage) {
+        this.key = key;
+        this.defaultMessage = defaultMessage;
+    }
+
+    @SneakyThrows
+    public void updateString() {
+        if(configStringGetter == null) throw new Exception("The configStringGetter for string " + key + " is null!");
+
+        message = configStringGetter.apply(this);
+    }
+
+    public String getFormattedMessage(Var<String, Object>... replacements) {
+        String formatted = configStringGetter.apply(this);
+
+        for (Var<String, Object> replacement : replacements) {
+            formatted = formatted
+                    .replace("%" + replacement.getKey() + "%", replacement.getReplacement().toString());
+        }
+
+        return formatted;
+    }
+
+    public void sendMessage(APIPlayer player, Var<String, Object>... replacements) {
+        String formatted = message;
+
+        for (Var<String, Object> replacement : replacements) {
+            formatted = formatted
+                    .replace("%" + replacement.getKey() + "%", replacement.getReplacement().toString());
+        }
+        player.sendMessage(formatted);
+    }
+
+    @Getter
+    @RequiredArgsConstructor
+    public static class Var<S, O> {
+        private final String key;
+        private final Object replacement;
+    }
+}
@@ -0,0 +1,131 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils;
+
+import lombok.Getter;
+
+import java.math.BigInteger;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.nio.ByteBuffer;
+import java.util.ArrayList;
+import java.util.List;
+
+/**
+ * A class that enables to get an IP range from CIDR specification. It supports
+ * both IPv4 and IPv6.
+ */
+@Getter
+public class CIDRUtils {
+    private final String cidr;
+
+    private final InetAddress inetAddress;
+
+    private InetAddress startAddress;
+    private BigInteger startIpInt, endIpInt;
+    private InetAddress endAddress;
+    private final int prefixLength;
+
+
+    public CIDRUtils(String cidr) throws UnknownHostException {
+
+        this.cidr = cidr;
+
+        /* split CIDR to address and prefix part */
+        if (this.cidr.contains("/")) {
+            int index = this.cidr.indexOf("/");
+            String addressPart = this.cidr.substring(0, index);
+            String networkPart = this.cidr.substring(index + 1);
+
+            inetAddress = InetAddress.getByName(addressPart);
+            prefixLength = Integer.parseInt(networkPart);
+
+            calculate();
+        } else {
+            throw new IllegalArgumentException("not an valid CIDR format!");
+        }
+    }
+
+
+    private void calculate() throws UnknownHostException {
+
+        ByteBuffer maskBuffer;
+        int targetSize;
+        if (inetAddress.getAddress().length == 4) {
+            maskBuffer =
+                    ByteBuffer
+                            .allocate(4)
+                            .putInt(-1);
+            targetSize = 4;
+        } else {
+            maskBuffer = ByteBuffer.allocate(16)
+                    .putLong(-1L)
+                    .putLong(-1L);
+            targetSize = 16;
+        }
+
+        BigInteger mask = (new BigInteger(1, maskBuffer.array())).not().shiftRight(prefixLength);
+
+        ByteBuffer buffer = ByteBuffer.wrap(inetAddress.getAddress());
+        BigInteger ipVal = new BigInteger(1, buffer.array());
+
+        BigInteger startIp = ipVal.and(mask);
+        this.startIpInt = startIp;
+        BigInteger endIp = startIp.add(mask.not());
+        this.endIpInt = endIp;
+
+        byte[] startIpArr = toBytes(startIp.toByteArray(), targetSize);
+        byte[] endIpArr = toBytes(endIp.toByteArray(), targetSize);
+
+        this.startAddress = InetAddress.getByAddress(startIpArr);
+        this.endAddress = InetAddress.getByAddress(endIpArr);
+
+    }
+
+    private byte[] toBytes(byte[] array, int targetSize) {
+        int counter = 0;
+        List<Byte> newArr = new ArrayList<Byte>();
+        while (counter < targetSize && (array.length - 1 - counter >= 0)) {
+            newArr.add(0, array[array.length - 1 - counter]);
+            counter++;
+        }
+
+        int size = newArr.size();
+        for (int i = 0; i < (targetSize - size); i++) {
+
+            newArr.add(0, (byte) 0);
+        }
+
+        byte[] ret = new byte[newArr.size()];
+        for (int i = 0; i < newArr.size(); i++) {
+            ret[i] = newArr.get(i);
+        }
+        return ret;
+    }
+
+    public boolean isInRange(String ipAddress) throws UnknownHostException {
+        InetAddress address = InetAddress.getByName(ipAddress);
+        BigInteger start = new BigInteger(1, this.startAddress.getAddress());
+        BigInteger end = new BigInteger(1, this.endAddress.getAddress());
+        BigInteger target = new BigInteger(1, address.getAddress());
+
+        int st = start.compareTo(target);
+        int te = target.compareTo(end);
+
+        return (st < 0 || st == 0) && (te < 0 || te == 0);
+    }
+}
@@ -0,0 +1,44 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils;
+
+import dev.brighten.antivpn.AntiVPN;
+import lombok.AllArgsConstructor;
+
+@AllArgsConstructor
+public class ConfigDefault<A> {
+
+    private final A defaultValue;
+    private final String path;
+    private final AntiVPN plugin;
+
+    public A get() {
+        if(plugin.getConfig().get(path) != null)
+            return (A) plugin.getConfig().get(path);
+        else {
+            plugin.getConfig().set(path, defaultValue);
+            plugin.saveConfig();
+            return defaultValue;
+        }
+    }
+
+    public A set(A value) {
+        plugin.getConfig().set(path, value);
+
+        return value;
+    }
+}
@@ -0,0 +1,35 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils;
+
+import lombok.Getter;
+import lombok.RequiredArgsConstructor;
+
+import java.util.LinkedHashMap;
+import java.util.Map;
+
+@RequiredArgsConstructor
+public class EvictingMap<K, V> extends LinkedHashMap<K, V> {
+
+    @Getter
+    private final int size;
+
+    @Override
+    protected boolean removeEldestEntry(Map.Entry<K, V> eldest) {
+        return size() >= size;
+    }
+}
@@ -0,0 +1,23 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils;
+
+/**
+ * Holder for extra methods of {@code Objects} only in web. Intended to be empty for regular
+ * version.
+ */
+abstract class ExtraObjectsMethodsForWeb {}
@@ -0,0 +1,109 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils;
+
+import java.math.BigDecimal;
+import java.math.BigInteger;
+import java.net.Inet4Address;
+import java.net.Inet6Address;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.util.Optional;
+
+public class IpUtils {
+    public static Optional<BigDecimal> getIpDecimal(String address) {
+        try {
+            InetAddress inet = InetAddress.getByName(address);
+
+            if(inet instanceof Inet4Address) {
+                return Optional.of(BigDecimal.valueOf(ipv4ToLong(address)));
+            } return Optional.of(new BigDecimal(ipv6ToDecimalFormat(address)));
+        } catch(Exception e) {
+            return Optional.empty();
+        }
+    }
+
+    public static long ipv4ToLong(String address) {
+        String[] addrArray = address.split("\\.");
+
+        long ipDecimal = 0;
+
+        for (int i = 0; i < addrArray.length; i++) {
+
+            int power = 3 - i;
+            ipDecimal += ((Integer.parseInt(addrArray[i]) % 256 * Math.pow(256, power)));
+        }
+
+        return ipDecimal;
+    }
+
+    public static String getIpv4(long ip) {
+        StringBuilder sb = new StringBuilder(15);
+
+        for (int i = 0; i < 4; i++) {
+            sb.insert(0, ip & 0xff);
+
+            if (i < 3) {
+                sb.insert(0, '.');
+            }
+
+            ip >>= 8;
+        }
+
+        return sb.toString();
+    }
+
+    public static boolean isIpv4(BigDecimal ip) {
+        return ip.compareTo(BigDecimal.valueOf(4294967295L)) <= 0;
+    }
+
+    public static boolean isIpv6(BigDecimal ip) {
+        return ip.compareTo(BigDecimal.valueOf(4294967295L)) > 0;
+    }
+    public static boolean isIpv4(String ip) {
+        return ip.matches("^(?:[0-9]{1,3}\\.){3}[0-9]{1,3}$");
+    }
+
+    public static boolean isNotIp(String ip) {
+        return !isIpv4(ip) && !isIpv6(ip);
+    }
+
+    public static boolean isIpv6(String ip) {
+        return ip.matches("^([0-9a-fA-F]{1,4}:){7}([0-9a-fA-F]{1,4}|:)$|^(([0-9a-fA-F]{1,4}:){0,6}([0-9a-fA-F]{1,4}|:))?(::([0-9a-fA-F]{1,4}:){0,5}([0-9a-fA-F]{1,4}|:))?$");
+    }
+
+    public static String getIpv4(BigDecimal ip) {
+        try {
+            return Inet4Address.getByAddress(ip.toBigInteger().toByteArray()).getHostAddress();
+        } catch (UnknownHostException e) {
+            return "Error";
+        }
+    }
+
+    public static String getIpv6(BigDecimal ip) {
+        try {
+            return Inet6Address.getByAddress(ip.toBigInteger().toByteArray()).getHostAddress();
+        } catch (UnknownHostException e) {
+            return "Error";
+        }
+    }
+
+    public static BigInteger ipv6ToDecimalFormat(String ipAddress) throws UnknownHostException {
+        return new BigInteger(1, Inet6Address.getByName(ipAddress).getAddress());
+    }
+
+}
@@ -0,0 +1,195 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils;
+
+import dev.brighten.antivpn.AntiVPN;
+import dev.brighten.antivpn.utils.json.JSONException;
+import dev.brighten.antivpn.utils.json.JSONObject;
+import dev.brighten.antivpn.utils.json.JsonReader;
+
+import java.io.*;
+import java.math.BigInteger;
+import java.net.*;
+import java.util.ArrayList;
+import java.util.List;
+import java.util.UUID;
+import java.util.concurrent.ThreadFactory;
+import java.util.regex.Pattern;
+
+public class MiscUtils {
+
+    private static final Pattern ipv4 = Pattern.compile("[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}\\.[0-9]{1,3}");
+    private static final String DEFAULT_FUNKEMUNKY_UUID_ENDPOINT = "https://funkemunky.cc/mojang/uuid?name=";
+    private static final String DEFAULT_MOJANG_UUID_ENDPOINT = "https://api.mojang.com/users/profiles/minecraft/";
+    private static volatile String funkemunkyUuidEndpoint = DEFAULT_FUNKEMUNKY_UUID_ENDPOINT;
+    private static volatile String mojangUuidEndpoint = DEFAULT_MOJANG_UUID_ENDPOINT;
+
+    public static void close(Closeable... closeables) {
+        try {
+            for (Closeable closeable : closeables) if (closeable != null) closeable.close();
+        } catch (Exception e) {
+            AntiVPN.getInstance().getExecutor().logException(e);
+        }
+    }
+
+    public static void close(AutoCloseable... closeables) {
+        try {
+            for (AutoCloseable closeable : closeables) if (closeable != null) closeable.close();
+        } catch (Exception e) {
+            AntiVPN.getInstance().getExecutor().logException(e);
+        }
+    }
+
+    public static void copy(InputStream in, File file) {
+        try {
+            OutputStream out = new FileOutputStream(file);
+            int lenght;
+            byte[] buf = new byte[1024];
+
+            while ((lenght = in.read(buf)) > 0)
+            {
+                out.write(buf, 0, lenght);
+            }
+
+            out.close();
+            in.close();
+        } catch (Exception e) {
+            AntiVPN.getInstance().getExecutor().logException(e);
+        }
+    }
+
+    public static ThreadFactory createThreadFactory(String threadName) {
+        return r -> {
+            Thread thread = new Thread(r);
+            thread.setName(threadName);
+            return thread;
+        };
+    }
+
+    public static List<CIDRUtils> rangeToCidrs(BigInteger start, BigInteger end) throws UnknownHostException {
+        List<CIDRUtils> cidrs = new ArrayList<>();
+
+        while (start.compareTo(end) <= 0) {
+            // Find the number of trailing zero bits — this determines max block size alignment
+            int trailingZeros = start.equals(BigInteger.ZERO)
+                    ? 128  // handle the edge case
+                    : start.getLowestSetBit();
+
+            // Find the largest block that fits
+            BigInteger remaining = end.subtract(start).add(BigInteger.ONE);
+            int maxBits = remaining.bitLength() - 1;
+
+            int blockBits = Math.min(trailingZeros, maxBits);
+            int prefixLen = 32 - blockBits; // use 128 for IPv6
+
+            // Build the CIDR string
+            byte[] addrBytes = toFixedLengthBytes(start); // use 16 for IPv6
+            String cidr = InetAddress.getByAddress(addrBytes).getHostAddress() + "/" + prefixLen;
+            cidrs.add(new CIDRUtils(cidr));
+
+            // Advance past this block
+            start = start.add(BigInteger.ONE.shiftLeft(blockBits));
+        }
+
+        return cidrs;
+    }
+
+    private static byte[] toFixedLengthBytes(BigInteger value) {
+        byte[] raw = value.toByteArray();
+        byte[] result = new byte[4];
+        int srcPos = Math.max(0, raw.length - 4);
+        int destPos = Math.max(0, 4 - raw.length);
+        System.arraycopy(raw, srcPos, result, destPos, Math.min(raw.length, 4));
+        return result;
+    }
+
+    public static UUID lookupUUID(String playername) {
+        try {
+            UUID uuid = lookupUuidFromUrl(funkemunkyUuidEndpoint + playername);
+            if (uuid != null) {
+                return uuid;
+            }
+        } catch (IOException | JSONException | URISyntaxException e) {
+            AntiVPN.getInstance().getExecutor().logException("Error while looking up UUID for " + playername + "! Falling back to Mojang API", e);
+            return lookupMojangUuid(playername);
+        }
+
+        return null;
+    }
+
+    private static UUID lookupUuidFromUrl(String url) throws IOException, JSONException, URISyntaxException {
+        HttpURLConnection connection = (HttpURLConnection) new URI(url).toURL().openConnection();
+        connection.setConnectTimeout(5000);
+        connection.setReadTimeout(5000);
+        connection.setInstanceFollowRedirects(true);
+
+        int responseCode = connection.getResponseCode();
+        if (responseCode >= 500) {
+            throw new IOException("Server returned HTTP " + responseCode + " for " + url);
+        }
+        if (responseCode != HttpURLConnection.HTTP_OK) {
+            return null;
+        }
+
+        try (InputStream inputStream = connection.getInputStream()) {
+            JSONObject object = new JSONObject(JsonReader.readAll(new InputStreamReader(inputStream, java.nio.charset.StandardCharsets.UTF_8)));
+            if (object.has("uuid")) {
+                return parseUuid(object.getString("uuid"));
+            }
+            if (object.has("id")) {
+                return parseUuid(object.getString("id"));
+            }
+        }
+
+        return null;
+    }
+
+    private static UUID parseUuid(String value) {
+        if (value.length() == 32) {
+            value = value.replaceFirst(
+                    "([0-9a-fA-F]{8})([0-9a-fA-F]{4})([0-9a-fA-F]{4})([0-9a-fA-F]{4})([0-9a-fA-F]{12})",
+                    "$1-$2-$3-$4-$5"
+            );
+        }
+
+        return UUID.fromString(value);
+    }
+
+    private static UUID lookupMojangUuid(String playerName) {
+        try {
+            return lookupUuidFromUrl(mojangUuidEndpoint + playerName);
+        } catch (IOException | JSONException | URISyntaxException e) {
+            AntiVPN.getInstance().getExecutor().logException("Error while looking up UUID for " + playerName + " from Mojang!:", e);
+        }
+
+        return null;
+    }
+
+    static void setLookupEndpointsForTesting(String funkemunkyEndpoint, String mojangEndpoint) {
+        funkemunkyUuidEndpoint = funkemunkyEndpoint;
+        mojangUuidEndpoint = mojangEndpoint;
+    }
+
+    static void resetLookupEndpointsForTesting() {
+        funkemunkyUuidEndpoint = DEFAULT_FUNKEMUNKY_UUID_ENDPOINT;
+        mojangUuidEndpoint = DEFAULT_MOJANG_UUID_ENDPOINT;
+    }
+    public static boolean isIpv4(String ip)
+    {
+        return ipv4.matcher(ip).matches();
+    }
+}
@@ -0,0 +1,27 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+
+@Documented
+@Retention(RetentionPolicy.RUNTIME)
+public @interface NonnullByDefault {
+
+}
@@ -0,0 +1,55 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils;
+
+/** A utility method to perform unchecked casts to suppress errors produced by nullness analyses. */
+final class NullnessCasts {
+  /**
+   * Accepts a {@code @Nullable T} and returns a plain {@code T}, without performing any check that
+   * that conversion is safe.
+   *
+   * <p>This method is intended to help with usages of type parameters that have {
+   * ParametricNullness parametric nullness}. If a type parameter instead ranges over only non-null
+   * types (or if the type is a non-variable type, like {@code String}), then code should almost
+   * never use this method, preferring instead to call {@code requireNonNull} so as to benefit from
+   * its runtime check.
+   *
+   * <p>An example use case for this method is in implementing an {@code Iterator<T>} whose {@code
+   * next} field is lazily initialized. The type of that field would be {@code @Nullable T}, and the
+   * code would be responsible for populating a "real" {@code T} (which might still be the value
+   * {@code null}!) before returning it to callers. Depending on how the code is structured, a
+   * nullness analysis might not understand that the field has been populated. To avoid that problem
+   * without having to add {@code @SuppressWarnings}, the code can call this method.
+   *
+   * <p>Why <i>not</i> just add {@code SuppressWarnings}? The problem is that this method is
+   * typically useful for {@code return} statements. That leaves the code with two options: Either
+   * add the suppression to the whole method (which turns off checking for a large section of code),
+   * or extract a variable, and put the suppression on that. However, a local variable typically
+   * doesn't work: Because nullness analyses typically infer the nullness of local variables,
+   * there's no way to assign a {@code @Nullable T} to a field {@code T foo;} and instruct the
+   * analysis that that means "plain {@code T}" rather than the inferred type {@code @Nullable T}.
+   * (Even if supported added {@code @NonNull}, that would not help, since the problem case
+   * addressed by this method is the case in which {@code T} has parametric nullness -- and thus its
+   * value may be legitimately {@code null}.)
+   */
+  @SuppressWarnings("nullness")
+  static <T> T uncheckedCastNullableTToT(T t) {
+    return t;
+  }
+
+  private NullnessCasts() {}
+}
@@ -0,0 +1,260 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by FernFlower decompiler)
+//
+
+package dev.brighten.antivpn.utils;
+
+public final class Preconditions {
+    private Preconditions() {
+    }
+
+    public static <T> T checkNotNull(T reference) {
+        if (reference == null) {
+            throw new NullPointerException();
+        } else {
+            return reference;
+        }
+    }
+
+    public static <T> T checkNotNull(T reference, Object errorMessage) {
+        if (reference == null) {
+            throw new NullPointerException(String.valueOf(errorMessage));
+        } else {
+            return reference;
+        }
+    }
+
+    public static <T> T checkNotNull(T reference, String errorMessageTemplate, Object... errorMessageArgs) {
+        if (reference == null) {
+            throw new NullPointerException(format(errorMessageTemplate, errorMessageArgs));
+        } else {
+            return reference;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, char p1) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, int p1) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, long p1) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, Object p1) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, char p1, char p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, char p1, int p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, char p1, long p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, char p1, Object p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, int p1, char p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, int p1, int p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, int p1, long p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, int p1, Object p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, long p1, char p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, long p1, int p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, long p1, long p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, long p1, Object p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, Object p1, char p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, Object p1, int p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, Object p1, long p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, Object p1, Object p2) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, Object p1, Object p2, Object p3) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2, p3));
+        } else {
+            return obj;
+        }
+    }
+
+    public static <T> T checkNotNull(T obj, String errorMessageTemplate, Object p1, Object p2, Object p3, Object p4) {
+        if (obj == null) {
+            throw new NullPointerException(format(errorMessageTemplate, p1, p2, p3, p4));
+        } else {
+            return obj;
+        }
+    }
+
+    static String format(String template, Object... args) {
+        template = String.valueOf(template);
+        StringBuilder builder = new StringBuilder(template.length() + 16 * args.length);
+        int templateStart = 0;
+
+        int i;
+        int placeholderStart;
+        for(i = 0; i < args.length; templateStart = placeholderStart + 2) {
+            placeholderStart = template.indexOf("%s", templateStart);
+            if (placeholderStart == -1) {
+                break;
+            }
+
+            builder.append(template, templateStart, placeholderStart);
+            builder.append(args[i++]);
+        }
+
+        builder.append(template, templateStart, template.length());
+        if (i < args.length) {
+            builder.append(" [");
+            builder.append(args[i++]);
+
+            while(i < args.length) {
+                builder.append(", ");
+                builder.append(args[i++]);
+            }
+
+            builder.append(']');
+        }
+
+        return builder.toString();
+    }
+}
@@ -0,0 +1,50 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils;
+
+import dev.brighten.antivpn.api.APIPlayer;
+import dev.brighten.antivpn.web.objects.VPNResponse;
+
+public class StringUtil {
+    public static String line(String color) {
+        return color + "&m-----------------------------------------------------";
+    }
+
+    public static String line() {
+        return "&m-----------------------------------------------------";
+    }
+
+    public static String varReplace(String input, APIPlayer player, VPNResponse result) {
+        return translateAlternateColorCodes('&', input.replace("%player%", player.getName())
+                .replace("%reason%", result.getMethod())
+                .replace("%country%", result.getCountryName())
+                .replace("%city%", result.getCity()));
+    }
+
+    public static String translateAlternateColorCodes(char altColorChar, String textToTranslate) {
+        char[] b = textToTranslate.toCharArray();
+
+        for(int i = 0; i < b.length - 1; ++i) {
+            if (b[i] == altColorChar && "0123456789AaBbCcDdEeFfKkLlMmNnOoRr".indexOf(b[i + 1]) > -1) {
+                b[i] = 167;
+                b[i + 1] = Character.toLowerCase(b[i + 1]);
+            }
+        }
+
+        return new String(b);
+    }
+}
@@ -0,0 +1,27 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+//
+// Source code recreated from a .class file by IntelliJ IDEA
+// (powered by FernFlower decompiler)
+//
+
+package dev.brighten.antivpn.utils;
+
+@FunctionalInterface
+public interface Supplier<T> extends java.util.function.Supplier<T> {
+    T get();
+}
@@ -0,0 +1,145 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils;
+
+import java.io.Serializable;
+
+import static dev.brighten.antivpn.utils.NullnessCasts.uncheckedCastNullableTToT;
+import static dev.brighten.antivpn.utils.Preconditions.checkNotNull;
+import static java.util.Objects.requireNonNull;
+
+/**
+ * Useful suppliers.
+ *
+ * <p>All methods return serializable suppliers as long as they're given serializable parameters.
+ *
+ * @author Laurence Gonsalves
+ * @author Harry Heymann
+ * @since 2.0
+ */
+public final class Suppliers {
+    private Suppliers() {}
+
+    /**
+     * Returns a supplier which caches the instance retrieved during the first call to {@code get()}
+     * and returns that value on subsequent calls to {@code get()}. See: <a
+     * href="http://en.wikipedia.org/wiki/Memoization">memoization</a>
+     *
+     * <p>The returned supplier is thread-safe. The delegate's {@code get()} method will be invoked at
+     * most once unless the underlying {@code get()} throws an exception. The supplier's serialized
+     * form does not contain the cached value, which will be recalculated when {@code get()} is called
+     * on the reserialized instance.
+     *
+     * <p>When the underlying delegate throws an exception then this memoizing supplier will keep
+     * delegating calls until it returns valid data.
+     *
+     * <p>If {@code delegate} is an instance created by an earlier call to {@code memoize}, it is
+     * returned directly.
+     */
+    public static <T> Supplier<T> memoize(Supplier<T> delegate) {
+        if (delegate instanceof NonSerializableMemoizingSupplier
+                || delegate instanceof MemoizingSupplier) {
+            return delegate;
+        }
+        return delegate instanceof Serializable
+                ? new MemoizingSupplier<>(delegate)
+                : new NonSerializableMemoizingSupplier<>(delegate);
+    }
+
+    static class MemoizingSupplier<T> implements Supplier<T>, Serializable {
+        final Supplier<T> delegate;
+        transient volatile boolean initialized;
+        // "value" does not need to be volatile; visibility piggy-backs
+        // on volatile read of "initialized".
+        transient T value;
+
+        MemoizingSupplier(Supplier<T> delegate) {
+            this.delegate = checkNotNull(delegate);
+        }
+
+        @Override
+        public T get() {
+            // A 2-field variant of Double Checked Locking.
+            if (!initialized) {
+                synchronized (this) {
+                    if (!initialized) {
+                        T t = delegate.get();
+                        value = t;
+                        initialized = true;
+                        return t;
+                    }
+                }
+            }
+            // This is safe because we checked `initialized.`
+            return uncheckedCastNullableTToT(value);
+        }
+
+        @Override
+        public String toString() {
+            return "Suppliers.memoize("
+                    + (initialized ? "<supplier that returned " + value + ">" : delegate)
+                    + ")";
+        }
+
+        private static final long serialVersionUID = 0;
+    }
+
+    static class NonSerializableMemoizingSupplier<T> implements Supplier<T> {
+        volatile Supplier<T> delegate;
+        volatile boolean initialized;
+        // "value" does not need to be volatile; visibility piggy-backs
+        // on volatile read of "initialized".
+        T value;
+
+        NonSerializableMemoizingSupplier(Supplier<T> delegate) {
+            this.delegate = checkNotNull(delegate);
+        }
+
+        @Override
+        public T get() {
+            // A 2-field variant of Double Checked Locking.
+            if (!initialized) {
+                synchronized (this) {
+                    if (!initialized) {
+                        /*
+                         * requireNonNull is safe because we read and write `delegate` under synchronization.
+                         *
+                         * TODO(cpovirk): To avoid having to check for null, replace `delegate` with a singleton
+                         * `Supplier` that always throws an exception.
+                         */
+                        T t = requireNonNull(delegate).get();
+                        value = t;
+                        initialized = true;
+                        // Release the delegate to GC.
+                        delegate = null;
+                        return t;
+                    }
+                }
+            }
+            // This is safe because we checked `initialized.`
+            return uncheckedCastNullableTToT(value);
+        }
+
+        @Override
+        public String toString() {
+            Supplier<T> delegate = this.delegate;
+            return "Suppliers.memoize("
+                    + (delegate == null ? "<supplier that returned " + value + ">" : delegate)
+                    + ")";
+        }
+    }
+}
@@ -0,0 +1,21 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils;
+
+public record Tuple<F, S>(F first, S second) {
+
+}
@@ -0,0 +1,523 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils.config;
+
+import java.util.*;
+
+public final class Configuration
+{
+
+    private static final char SEPARATOR = '.';
+    final Map<String, Object> self;
+    final Map<String, List<String>> comments;
+    private final Configuration defaults;
+
+    public Configuration()
+    {
+        this( null );
+    }
+
+    public Configuration(Configuration defaults)
+    {
+        this( new LinkedHashMap<String, Object>(), defaults );
+    }
+
+    Configuration(Map<?, ?> map, Configuration defaults)
+    {
+        this.self = new LinkedHashMap<>();
+        this.defaults = defaults;
+        comments = new HashMap<>();
+
+        for ( Map.Entry<?, ?> entry : map.entrySet() )
+        {
+            String key = ( entry.getKey() == null ) ? "null" : entry.getKey().toString();
+
+            if ( entry.getValue() instanceof Map )
+            {
+                this.self.put( key, new Configuration( (Map) entry.getValue(), ( defaults == null ) ? null : defaults.getSection( key ) ) );
+            } else
+            {
+                this.self.put( key, entry.getValue() );
+            }
+        }
+    }
+
+    public void loadFromString(String contents) {
+
+        List<String> list = new ArrayList<>();
+        Collections.addAll(list, contents.split("\n"));
+
+        int currentLayer = 0;
+        String currentPath = "";
+
+        int lineNumber = 0;
+        for(Iterator<String> iterator = list.iterator(); iterator.hasNext(); lineNumber++) {
+            String line = iterator.next();
+
+            String trimmed = line.trim();
+            if(trimmed.startsWith("#") || trimmed.isEmpty()) {
+                addCommentLine(currentPath, line);
+                continue;
+            }
+
+            if(!line.isEmpty()) {
+                if(line.contains(":")) {
+
+                    int layerFromLine = getLayerFromLine(line, lineNumber);
+
+                    if(layerFromLine < currentLayer) {
+                        currentPath = regressPathBy(currentLayer - layerFromLine, currentPath);
+                    }
+
+                    String key = getKeyFromLine(line);
+
+                    if(currentLayer == 0) {
+                        currentPath = key;
+                    }
+                    else {
+                        currentPath += "." + key;
+                    }
+                }
+            }
+        }
+    }
+
+    private void addCommentLine(String currentPath, String line) {
+
+        List<String> list = comments.get(currentPath);
+        if(list == null) {
+            list = new ArrayList<>();
+        }
+        list.add(line);
+
+        comments.put(currentPath, list);
+    }
+
+    String getKeyFromLine(String line) {
+        String key = null;
+
+        for(int i = 0; i < line.length(); i++) {
+            if(line.charAt(i) == ':') {
+                key = line.substring(0, i);
+                break;
+            }
+        }
+
+        return key == null ? null : key.trim();
+    }
+
+    String regressPathBy(int i, String currentPath) {
+        if(i <= 0) {
+            return currentPath;
+        }
+        String[] split = currentPath.split("\\.");
+
+        String rebuild = "";
+        for(int j = 0; j < split.length - i; j++) {
+            rebuild += split[j];
+            if(j <= (split.length - j)) {
+                rebuild += ".";
+            }
+        }
+
+        return rebuild;
+    }
+
+    int getLayerFromLine(String line, int lineNumber) {
+
+        double d = 0;
+        for(int i = 0; i < line.length(); i++) {
+            if(line.charAt(i) == ' ') {
+                d += 0.5;
+            }
+            else {
+                break;
+            }
+        }
+
+        return (int) d;
+
+    }
+
+    private Configuration getSectionFor(String path)
+    {
+        int index = path.indexOf( SEPARATOR );
+        if ( index == -1 )
+        {
+            return this;
+        }
+
+        String root = path.substring( 0, index );
+        Object section = self.get( root );
+        if ( section == null )
+        {
+            section = new Configuration( ( defaults == null ) ? null : defaults.getSection( root ) );
+            self.put( root, section );
+        }
+
+        return (Configuration) section;
+    }
+
+    private String getChild(String path)
+    {
+        int index = path.indexOf( SEPARATOR );
+        return ( index == -1 ) ? path : path.substring( index + 1 );
+    }
+
+    /*------------------------------------------------------------------------*/
+    @SuppressWarnings("unchecked")
+    public <T> T get(String path, T def)
+    {
+        Configuration section = getSectionFor( path );
+        Object val;
+        if ( section == this )
+        {
+            val = self.get( path );
+        } else
+        {
+            val = section.get( getChild( path ), def );
+        }
+
+        if ( val == null && def instanceof Configuration )
+        {
+            self.put( path, def );
+        }
+
+        return ( val != null ) ? (T) val : def;
+    }
+
+    public boolean contains(String path)
+    {
+        return get( path, null ) != null;
+    }
+
+    public Object get(String path)
+    {
+        return get( path, getDefault( path ) );
+    }
+
+    public Object getDefault(String path)
+    {
+        return ( defaults == null ) ? null : defaults.get( path );
+    }
+
+    public void set(String path, Object value)
+    {
+        if ( value instanceof Map )
+        {
+            value = new Configuration( (Map) value, ( defaults == null ) ? null : defaults.getSection( path ) );
+        }
+
+        Configuration section = getSectionFor( path );
+        if ( section == this )
+        {
+            if ( value == null )
+            {
+                self.remove( path );
+            } else
+            {
+                self.put( path, value );
+            }
+        } else
+        {
+            section.set( getChild( path ), value );
+        }
+    }
+
+    /*------------------------------------------------------------------------*/
+    public Configuration getSection(String path)
+    {
+        Object def = getDefault( path );
+        return (Configuration) get( path, ( def instanceof Configuration ) ? def : new Configuration( ( defaults == null ) ? null : defaults.getSection( path ) ) );
+    }
+
+    /**
+     * Gets keys, not deep by default.
+     *
+     * @return top level keys for this section
+     */
+    public Collection<String> getKeys()
+    {
+        return new LinkedHashSet<>( self.keySet() );
+    }
+
+    /*------------------------------------------------------------------------*/
+    public byte getByte(String path)
+    {
+        Object def = getDefault( path );
+        return getByte( path, ( def instanceof Number ) ? ( (Number) def ).byteValue() : 0 );
+    }
+
+    public byte getByte(String path, byte def)
+    {
+        Object val = get( path, def );
+        return ( val instanceof Number ) ? ( (Number) val ).byteValue() : def;
+    }
+
+    public List<Byte> getByteList(String path)
+    {
+        List<?> list = getList( path );
+        List<Byte> result = new ArrayList<>();
+
+        for ( Object object : list )
+        {
+            if ( object instanceof Number )
+            {
+                result.add( ( (Number) object ).byteValue() );
+            }
+        }
+
+        return result;
+    }
+
+    public short getShort(String path)
+    {
+        Object def = getDefault( path );
+        return getShort( path, ( def instanceof Number ) ? ( (Number) def ).shortValue() : 0 );
+    }
+
+    public short getShort(String path, short def)
+    {
+        Object val = get( path, def );
+        return ( val instanceof Number ) ? ( (Number) val ).shortValue() : def;
+    }
+
+    public List<Short> getShortList(String path)
+    {
+        List<?> list = getList( path );
+        List<Short> result = new ArrayList<>();
+
+        for ( Object object : list )
+        {
+            if ( object instanceof Number )
+            {
+                result.add( ( (Number) object ).shortValue() );
+            }
+        }
+
+        return result;
+    }
+
+    public int getInt(String path)
+    {
+        Object def = getDefault( path );
+        return getInt( path, ( def instanceof Number ) ? ( (Number) def ).intValue() : 0 );
+    }
+
+    public int getInt(String path, int def)
+    {
+        Object val = get( path, def );
+        return ( val instanceof Number ) ? ( (Number) val ).intValue() : def;
+    }
+
+    public List<Integer> getIntList(String path)
+    {
+        List<?> list = getList( path );
+        List<Integer> result = new ArrayList<>();
+
+        for ( Object object : list )
+        {
+            if ( object instanceof Number )
+            {
+                result.add( ( (Number) object ).intValue() );
+            }
+        }
+
+        return result;
+    }
+
+    public long getLong(String path)
+    {
+        Object def = getDefault( path );
+        return getLong( path, ( def instanceof Number ) ? ( (Number) def ).longValue() : 0 );
+    }
+
+    public long getLong(String path, long def)
+    {
+        Object val = get( path, def );
+        return ( val instanceof Number ) ? ( (Number) val ).longValue() : def;
+    }
+
+    public List<Long> getLongList(String path)
+    {
+        List<?> list = getList( path );
+        List<Long> result = new ArrayList<>();
+
+        for ( Object object : list )
+        {
+            if ( object instanceof Number )
+            {
+                result.add( ( (Number) object ).longValue() );
+            }
+        }
+
+        return result;
+    }
+
+    public float getFloat(String path)
+    {
+        Object def = getDefault( path );
+        return getFloat( path, ( def instanceof Number ) ? ( (Number) def ).floatValue() : 0 );
+    }
+
+    public float getFloat(String path, float def)
+    {
+        Object val = get( path, def );
+        return ( val instanceof Number ) ? ( (Number) val ).floatValue() : def;
+    }
+
+    public List<Float> getFloatList(String path)
+    {
+        List<?> list = getList( path );
+        List<Float> result = new ArrayList<>();
+
+        for ( Object object : list )
+        {
+            if ( object instanceof Number )
+            {
+                result.add( ( (Number) object ).floatValue() );
+            }
+        }
+
+        return result;
+    }
+
+    public double getDouble(String path)
+    {
+        Object def = getDefault( path );
+        return getDouble( path, ( def instanceof Number ) ? ( (Number) def ).doubleValue() : 0 );
+    }
+
+    public double getDouble(String path, double def)
+    {
+        Object val = get( path, def );
+        return ( val instanceof Number ) ? ( (Number) val ).doubleValue() : def;
+    }
+
+    public List<Double> getDoubleList(String path)
+    {
+        List<?> list = getList( path );
+        List<Double> result = new ArrayList<>();
+
+        for ( Object object : list )
+        {
+            if ( object instanceof Number )
+            {
+                result.add( ( (Number) object ).doubleValue() );
+            }
+        }
+
+        return result;
+    }
+
+    public boolean getBoolean(String path)
+    {
+        Object def = getDefault( path );
+        return getBoolean( path, ( def instanceof Boolean ) ? (Boolean) def : false );
+    }
+
+    public boolean getBoolean(String path, boolean def)
+    {
+        Object val = get( path, def );
+        return ( val instanceof Boolean ) ? (Boolean) val : def;
+    }
+
+    public List<Boolean> getBooleanList(String path)
+    {
+        List<?> list = getList( path );
+        List<Boolean> result = new ArrayList<>();
+
+        for ( Object object : list )
+        {
+            if ( object instanceof Boolean )
+            {
+                result.add( (Boolean) object );
+            }
+        }
+
+        return result;
+    }
+
+    public char getChar(String path)
+    {
+        Object def = getDefault( path );
+        return getChar( path, ( def instanceof Character ) ? (Character) def : '\u0000' );
+    }
+
+    public char getChar(String path, char def)
+    {
+        Object val = get( path, def );
+        return ( val instanceof Character ) ? (Character) val : def;
+    }
+
+    public List<Character> getCharList(String path)
+    {
+        List<?> list = getList( path );
+        List<Character> result = new ArrayList<>();
+
+        for ( Object object : list )
+        {
+            if ( object instanceof Character )
+            {
+                result.add( (Character) object );
+            }
+        }
+
+        return result;
+    }
+
+    public String getString(String path)
+    {
+        Object def = getDefault( path );
+        return getString( path, ( def instanceof String ) ? (String) def : "" );
+    }
+
+    public String getString(String path, String def)
+    {
+        Object val = get( path, def );
+        return ( val instanceof String ) ? (String) val : def;
+    }
+
+    public List<String> getStringList(String path)
+    {
+        List<?> list = getList( path );
+        List<String> result = new ArrayList<>();
+
+        for ( Object object : list )
+        {
+            if ( object instanceof String )
+            {
+                result.add( (String) object );
+            }
+        }
+
+        return result;
+    }
+
+    /*------------------------------------------------------------------------*/
+    public List<?> getList(String path)
+    {
+        Object def = getDefault( path );
+        return getList( path, ( def instanceof List<?> ) ? (List<?>) def : Collections.EMPTY_LIST );
+    }
+
+    public List<?> getList(String path, List<?> def)
+    {
+        Object val = get( path, def );
+        return ( val instanceof List<?> ) ? (List<?>) val : def;
+    }
+}
@@ -0,0 +1,65 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils.config;
+
+import java.io.*;
+import java.util.HashMap;
+import java.util.Map;
+
+public abstract class ConfigurationProvider
+{
+
+    public static final Map<Class<? extends ConfigurationProvider>, ConfigurationProvider> providers = new HashMap<>();
+
+    static
+    {
+        try
+        {
+            providers.put( YamlConfiguration.class, new YamlConfiguration() );
+        } catch ( NoClassDefFoundError ex )
+        {
+            ex.printStackTrace();
+            // Ignore, no SnakeYAML
+        }
+    }
+
+    public static ConfigurationProvider getProvider(Class<? extends ConfigurationProvider> provider)
+    {
+        return providers.get( provider );
+    }
+
+    /*------------------------------------------------------------------------*/
+    public abstract void save(Configuration config, File file) throws IOException;
+
+    public abstract void save(Configuration config, Writer writer);
+
+    public abstract Configuration load(File file) throws IOException;
+
+    public abstract Configuration load(File file, Configuration defaults) throws IOException;
+
+    public abstract Configuration load(Reader reader);
+
+    public abstract Configuration load(Reader reader, Configuration defaults);
+
+    public abstract Configuration load(InputStream is);
+
+    public abstract Configuration load(InputStream is, Configuration defaults);
+
+    public abstract Configuration load(String string);
+
+    public abstract Configuration load(String string, Configuration defaults);
+}
@@ -0,0 +1,197 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils.config;
+
+import lombok.AccessLevel;
+import lombok.NoArgsConstructor;
+import lombok.SneakyThrows;
+import org.yaml.snakeyaml.DumperOptions;
+import org.yaml.snakeyaml.LoaderOptions;
+import org.yaml.snakeyaml.Yaml;
+import org.yaml.snakeyaml.constructor.Constructor;
+import org.yaml.snakeyaml.representer.Representer;
+
+import java.io.*;
+import java.nio.charset.Charset;
+import java.nio.charset.StandardCharsets;
+import java.util.*;
+
+@NoArgsConstructor(access = AccessLevel.PACKAGE)
+public class YamlConfiguration extends ConfigurationProvider
+{
+
+    private final ThreadLocal<Yaml> yaml = new ThreadLocal<Yaml>()
+    {
+        @Override
+        protected Yaml initialValue()
+        {
+            DumperOptions options = new DumperOptions();
+            options.setDefaultFlowStyle( DumperOptions.FlowStyle.BLOCK );
+            Representer representer = new Representer(options)
+            {
+                {
+                    representers.put( Configuration.class, data -> represent( ( (Configuration) data ).self ));
+                }
+            };
+
+            representer.setDefaultFlowStyle(DumperOptions.FlowStyle.BLOCK);
+            return new Yaml( new Constructor(new LoaderOptions()), representer, options );
+        }
+    };
+
+    @Override
+    public void save(Configuration config, File file) throws IOException
+    {
+        try ( Writer writer = new OutputStreamWriter( new FileOutputStream( file ), StandardCharsets.UTF_8 ) )
+        {
+            save( config, writer );
+        }
+    }
+
+    @Override
+    public void save(Configuration config, Writer writer)
+    {
+        String contents = this.yaml.get().dump(config.self);
+        if (contents.equals("{}\n")) {
+            contents = "";
+        }
+
+        List<String> list = new ArrayList<>();
+        Collections.addAll(list, contents.split("\n"));
+
+        int currentLayer = 0;
+        StringBuilder currentPath = new StringBuilder();
+
+        StringBuilder sb = new StringBuilder();
+
+        int lineNumber = 0;
+        for(Iterator<String> iterator = list.iterator(); iterator.hasNext(); lineNumber++) {
+            String line = iterator.next();
+            sb.append(line);
+            sb.append('\n');
+
+            if (!line.isEmpty()) {
+                if (line.contains(":")) {
+
+                    int layerFromLine = config.getLayerFromLine(line, lineNumber);
+
+                    if (layerFromLine < currentLayer) {
+                        currentPath = new StringBuilder(config.regressPathBy(currentLayer - layerFromLine, currentPath.toString()));
+                    }
+
+                    String key = config.getKeyFromLine(line);
+
+                    if (currentLayer == 0) {
+                        currentPath = new StringBuilder(key);
+                    } else {
+                        currentPath.append("." + key);
+                    }
+
+                    String path = currentPath.toString();
+                    if (config.comments.containsKey(path)) {
+                        config.comments.get(path).forEach(string -> {
+                            sb.append(string);
+                            sb.append('\n');
+                        });
+                    }
+                }
+            }
+        }
+
+        try {
+            writer.write(sb.toString());
+        } catch (IOException e) {
+            e.printStackTrace();
+        }
+    }
+    @Override
+    public Configuration load(File file) throws IOException
+    {
+        return load( file, null );
+    }
+
+    @Override
+    public Configuration load(File file, Configuration defaults) throws IOException
+    {
+        try ( FileInputStream is = new FileInputStream( file ) )
+        {
+            return load( is, defaults );
+        }
+    }
+
+    @Override
+    public Configuration load(Reader reader)
+    {
+        return load( reader, null );
+    }
+
+    @SneakyThrows
+    @Override
+    public Configuration load(Reader reader, Configuration defaults)
+    {
+        BufferedReader input = reader instanceof BufferedReader ? (BufferedReader)reader : new BufferedReader(reader);
+        StringBuilder builder = new StringBuilder();
+
+        String line;
+        try {
+            while((line = input.readLine()) != null) {
+                builder.append(line);
+                builder.append('\n');
+            }
+        } finally {
+            input.close();
+        }
+
+
+        return load(builder.toString(), defaults);
+    }
+
+    @Override
+    public Configuration load(InputStream is)
+    {
+        return this.load(new InputStreamReader(is, Charset.defaultCharset()));
+    }
+
+    @Override
+    public Configuration load(InputStream is, Configuration defaults)
+    {
+        return this.load(new InputStreamReader(is, Charset.defaultCharset()), defaults);
+    }
+
+    @Override
+    public Configuration load(String string)
+    {
+        return load( string, null );
+    }
+
+
+    @Override
+    @SuppressWarnings("unchecked")
+    public Configuration load(String contents, Configuration defaults)
+    {
+        Map<String, Object> map;
+        LoaderOptions loaderOptions = new LoaderOptions();
+        loaderOptions.setMaxAliasesForCollections(2147483647);
+        map = this.yaml.get().loadAs(contents, LinkedHashMap.class);
+
+        Configuration config = new Configuration( map, defaults );
+        config.loadFromString(contents);
+
+        return config;
+    }
+
+}
@@ -0,0 +1,282 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils.json;
+
+/**
+ * This provides static methods to convert comma delimited text into a
+ * JSONArray, and to covert a JSONArray into comma delimited text. Comma
+ * delimited text is a very popular format for data interchange. It is
+ * understood by most database, spreadsheet, and organizer programs.
+ * <p>
+ * Each row of text represents a row in a table or a data record. Each row
+ * ends with a NEWLINE character. Each row contains one or more values.
+ * Values are separated by commas. A value can contain any character except
+ * for comma, unless is is wrapped in single quotes or double quotes.
+ * <p>
+ * The first row usually contains the names of the columns.
+ * <p>
+ * A comma delimited list can be converted into a JSONArray of JSONObjects.
+ * The names for the elements in the JSONObjects can be taken from the names
+ * in the first row.
+ *
+ * @author JSON.org
+ * @version 2010-12-24
+ */
+public class CDL {
+
+    /**
+     * Get the next value. The value can be wrapped in quotes. The value can
+     * be empty.
+     *
+     * @param x A JSONTokener of the source text.
+     * @return The value string, or null if empty.
+     * @throws JSONException if the quoted string is badly formed.
+     */
+    private static String getValue(JSONTokener x) throws JSONException {
+        char c;
+        char q;
+        StringBuffer sb;
+        do {
+            c = x.next();
+        } while (c == ' ' || c == '\t');
+        switch (c) {
+            case 0:
+                return null;
+            case '"':
+            case '\'':
+                q = c;
+                sb = new StringBuffer();
+                for (; ; ) {
+                    c = x.next();
+                    if (c == q) {
+                        break;
+                    }
+                    if (c == 0 || c == '\n' || c == '\r') {
+                        throw x.syntaxError("Missing close quote '" + q + "'.");
+                    }
+                    sb.append(c);
+                }
+                return sb.toString();
+            case ',':
+                x.back();
+                return "";
+            default:
+                x.back();
+                return x.nextTo(',');
+        }
+    }
+
+    /**
+     * Produce a JSONArray of strings from a row of comma delimited values.
+     *
+     * @param x A JSONTokener of the source text.
+     * @return A JSONArray of strings.
+     * @throws JSONException
+     */
+    public static JSONArray rowToJSONArray(JSONTokener x) throws JSONException {
+        JSONArray ja = new JSONArray();
+        for (; ; ) {
+            String value = getValue(x);
+            char c = x.next();
+            if (value == null ||
+                    (ja.length() == 0 && value.length() == 0 && c != ',')) {
+                return null;
+            }
+            ja.put(value);
+            for (; ; ) {
+                if (c == ',') {
+                    break;
+                }
+                if (c != ' ') {
+                    if (c == '\n' || c == '\r' || c == 0) {
+                        return ja;
+                    }
+                    throw x.syntaxError("Bad character '" + c + "' (" +
+                            (int) c + ").");
+                }
+                c = x.next();
+            }
+        }
+    }
+
+    /**
+     * Produce a JSONObject from a row of comma delimited text, using a
+     * parallel JSONArray of strings to provides the names of the elements.
+     *
+     * @param names A JSONArray of names. This is commonly obtained from the
+     *              first row of a comma delimited text file using the rowToJSONArray
+     *              method.
+     * @param x     A JSONTokener of the source text.
+     * @return A JSONObject combining the names and values.
+     * @throws JSONException
+     */
+    public static JSONObject rowToJSONObject(JSONArray names, JSONTokener x)
+            throws JSONException {
+        JSONArray ja = rowToJSONArray(x);
+        return ja != null ? ja.toJSONObject(names) : null;
+    }
+
+    /**
+     * Produce a comma delimited text row from a JSONArray. Values containing
+     * the comma character will be quoted. Troublesome characters may be
+     * removed.
+     *
+     * @param ja A JSONArray of strings.
+     * @return A string ending in NEWLINE.
+     */
+    public static String rowToString(JSONArray ja) {
+        StringBuffer sb = new StringBuffer();
+        for (int i = 0; i < ja.length(); i += 1) {
+            if (i > 0) {
+                sb.append(',');
+            }
+            Object object = ja.opt(i);
+            if (object != null) {
+                String string = object.toString();
+                if (string.length() > 0 && (string.indexOf(',') >= 0 ||
+                        string.indexOf('\n') >= 0 || string.indexOf('\r') >= 0 ||
+                        string.indexOf(0) >= 0 || string.charAt(0) == '"')) {
+                    sb.append('"');
+                    int length = string.length();
+                    for (int j = 0; j < length; j += 1) {
+                        char c = string.charAt(j);
+                        if (c >= ' ' && c != '"') {
+                            sb.append(c);
+                        }
+                    }
+                    sb.append('"');
+                } else {
+                    sb.append(string);
+                }
+            }
+        }
+        sb.append('\n');
+        return sb.toString();
+    }
+
+    /**
+     * Produce a JSONArray of JSONObjects from a comma delimited text string,
+     * using the first row as a source of names.
+     *
+     * @param string The comma delimited text.
+     * @return A JSONArray of JSONObjects.
+     * @throws JSONException
+     */
+    public static JSONArray toJSONArray(String string) throws JSONException {
+        return toJSONArray(new JSONTokener(string));
+    }
+
+    /**
+     * Produce a JSONArray of JSONObjects from a comma delimited text string,
+     * using the first row as a source of names.
+     *
+     * @param x The JSONTokener containing the comma delimited text.
+     * @return A JSONArray of JSONObjects.
+     * @throws JSONException
+     */
+    public static JSONArray toJSONArray(JSONTokener x) throws JSONException {
+        return toJSONArray(rowToJSONArray(x), x);
+    }
+
+    /**
+     * Produce a JSONArray of JSONObjects from a comma delimited text string
+     * using a supplied JSONArray as the source of element names.
+     *
+     * @param names  A JSONArray of strings.
+     * @param string The comma delimited text.
+     * @return A JSONArray of JSONObjects.
+     * @throws JSONException
+     */
+    public static JSONArray toJSONArray(JSONArray names, String string)
+            throws JSONException {
+        return toJSONArray(names, new JSONTokener(string));
+    }
+
+    /**
+     * Produce a JSONArray of JSONObjects from a comma delimited text string
+     * using a supplied JSONArray as the source of element names.
+     *
+     * @param names A JSONArray of strings.
+     * @param x     A JSONTokener of the source text.
+     * @return A JSONArray of JSONObjects.
+     * @throws JSONException
+     */
+    public static JSONArray toJSONArray(JSONArray names, JSONTokener x)
+            throws JSONException {
+        if (names == null || names.length() == 0) {
+            return null;
+        }
+        JSONArray ja = new JSONArray();
+        for (; ; ) {
+            JSONObject jo = rowToJSONObject(names, x);
+            if (jo == null) {
+                break;
+            }
+            ja.put(jo);
+        }
+        if (ja.length() == 0) {
+            return null;
+        }
+        return ja;
+    }
+
+
+    /**
+     * Produce a comma delimited text from a JSONArray of JSONObjects. The
+     * first row will be a list of names obtained by inspecting the first
+     * JSONObject.
+     *
+     * @param ja A JSONArray of JSONObjects.
+     * @return A comma delimited text.
+     * @throws JSONException
+     */
+    public static String toString(JSONArray ja) throws JSONException {
+        JSONObject jo = ja.optJSONObject(0);
+        if (jo != null) {
+            JSONArray names = jo.names();
+            if (names != null) {
+                return rowToString(names) + toString(names, ja);
+            }
+        }
+        return null;
+    }
+
+    /**
+     * Produce a comma delimited text from a JSONArray of JSONObjects using
+     * a provided list of names. The list of names is not included in the
+     * output.
+     *
+     * @param names A JSONArray of strings.
+     * @param ja    A JSONArray of JSONObjects.
+     * @return A comma delimited text.
+     * @throws JSONException
+     */
+    public static String toString(JSONArray names, JSONArray ja)
+            throws JSONException {
+        if (names == null || names.length() == 0) {
+            return null;
+        }
+        StringBuffer sb = new StringBuffer();
+        for (int i = 0; i < ja.length(); i += 1) {
+            JSONObject jo = ja.optJSONObject(i);
+            if (jo != null) {
+                sb.append(rowToString(jo.toJSONArray(names)));
+            }
+        }
+        return sb.toString();
+    }
+}
@@ -0,0 +1,166 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils.json;
+
+/**
+ * Convert a web browser cookie specification to a JSONObject and back.
+ * JSON and Cookies are both notations for name/value pairs.
+ *
+ * @author JSON.org
+ * @version 2010-12-24
+ */
+public class Cookie {
+
+    /**
+     * Produce a copy of a string in which the characters '+', '%', '=', ';'
+     * and control characters are replaced with "%hh". This is a gentle form
+     * of URL encoding, attempting to cause as little distortion to the
+     * string as possible. The characters '=' and ';' are meta characters in
+     * cookies. By convention, they are escaped using the URL-encoding. This is
+     * only a convention, not a standard. Often, cookies are expected to have
+     * encoded values. We encode '=' and ';' because we must. We encode '%' and
+     * '+' because they are meta characters in URL encoding.
+     *
+     * @param string The source string.
+     * @return The escaped result.
+     */
+    public static String escape(String string) {
+        char c;
+        String s = string.trim();
+        StringBuffer sb = new StringBuffer();
+        int length = s.length();
+        for (int i = 0; i < length; i += 1) {
+            c = s.charAt(i);
+            if (c < ' ' || c == '+' || c == '%' || c == '=' || c == ';') {
+                sb.append('%');
+                sb.append(Character.forDigit((char) ((c >>> 4) & 0x0f), 16));
+                sb.append(Character.forDigit((char) (c & 0x0f), 16));
+            } else {
+                sb.append(c);
+            }
+        }
+        return sb.toString();
+    }
+
+
+    /**
+     * Convert a cookie specification string into a JSONObject. The string
+     * will contain a name value pair separated by '='. The name and the value
+     * will be unescaped, possibly converting '+' and '%' sequences. The
+     * cookie properties may follow, separated by ';', also represented as
+     * name=value (except the secure property, which does not have a value).
+     * The name will be stored under the key "name", and the value will be
+     * stored under the key "value". This method does not do checking or
+     * validation of the parameters. It only converts the cookie string into
+     * a JSONObject.
+     *
+     * @param string The cookie specification string.
+     * @return A JSONObject containing "name", "value", and possibly other
+     * members.
+     * @throws JSONException
+     */
+    public static JSONObject toJSONObject(String string) throws JSONException {
+        String name;
+        JSONObject jo = new JSONObject();
+        Object value;
+        JSONTokener x = new JSONTokener(string);
+        jo.put("name", x.nextTo('='));
+        x.next('=');
+        jo.put("value", x.nextTo(';'));
+        x.next();
+        while (x.more()) {
+            name = unescape(x.nextTo("=;"));
+            if (x.next() != '=') {
+                if (name.equals("secure")) {
+                    value = Boolean.TRUE;
+                } else {
+                    throw x.syntaxError("Missing '=' in cookie parameter.");
+                }
+            } else {
+                value = unescape(x.nextTo(';'));
+                x.next();
+            }
+            jo.put(name, value);
+        }
+        return jo;
+    }
+
+
+    /**
+     * Convert a JSONObject into a cookie specification string. The JSONObject
+     * must contain "name" and "value" members.
+     * If the JSONObject contains "expires", "domain", "path", or "secure"
+     * members, they will be appended to the cookie specification string.
+     * All other members are ignored.
+     *
+     * @param jo A JSONObject
+     * @return A cookie specification string
+     * @throws JSONException
+     */
+    public static String toString(JSONObject jo) throws JSONException {
+        StringBuffer sb = new StringBuffer();
+
+        sb.append(escape(jo.getString("name")));
+        sb.append("=");
+        sb.append(escape(jo.getString("value")));
+        if (jo.has("expires")) {
+            sb.append(";expires=");
+            sb.append(jo.getString("expires"));
+        }
+        if (jo.has("domain")) {
+            sb.append(";domain=");
+            sb.append(escape(jo.getString("domain")));
+        }
+        if (jo.has("path")) {
+            sb.append(";path=");
+            sb.append(escape(jo.getString("path")));
+        }
+        if (jo.optBoolean("secure")) {
+            sb.append(";secure");
+        }
+        return sb.toString();
+    }
+
+    /**
+     * Convert <code>%</code><i>hh</i> sequences to single characters, and
+     * convert plus to space.
+     *
+     * @param string A string that may contain
+     *               <code>+</code>&nbsp;<small>(plus)</small> and
+     *               <code>%</code><i>hh</i> sequences.
+     * @return The unescaped string.
+     */
+    public static String unescape(String string) {
+        int length = string.length();
+        StringBuffer sb = new StringBuffer();
+        for (int i = 0; i < length; ++i) {
+            char c = string.charAt(i);
+            if (c == '+') {
+                c = ' ';
+            } else if (c == '%' && i + 2 < length) {
+                int d = JSONTokener.dehexchar(string.charAt(i + 1));
+                int e = JSONTokener.dehexchar(string.charAt(i + 2));
+                if (d >= 0 && e >= 0) {
+                    c = (char) (d * 16 + e);
+                    i += 2;
+                }
+            }
+            sb.append(c);
+        }
+        return sb.toString();
+    }
+}
@@ -0,0 +1,85 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils.json;
+
+import java.util.Iterator;
+
+/**
+ * Convert a web browser cookie list string to a JSONObject and back.
+ *
+ * @author JSON.org
+ * @version 2010-12-24
+ */
+public class CookieList {
+
+    /**
+     * Convert a cookie list into a JSONObject. A cookie list is a sequence
+     * of name/value pairs. The names are separated from the values by '='.
+     * The pairs are separated by ';'. The names and the values
+     * will be unescaped, possibly converting '+' and '%' sequences.
+     * <p>
+     * To add a cookie to a cooklist,
+     * cookielistJSONObject.put(cookieJSONObject.getString("name"),
+     * cookieJSONObject.getString("value"));
+     *
+     * @param string A cookie list string
+     * @return A JSONObject
+     * @throws JSONException
+     */
+    public static JSONObject toJSONObject(String string) throws JSONException {
+        JSONObject jo = new JSONObject();
+        JSONTokener x = new JSONTokener(string);
+        while (x.more()) {
+            String name = Cookie.unescape(x.nextTo('='));
+            x.next('=');
+            jo.put(name, Cookie.unescape(x.nextTo(';')));
+            x.next();
+        }
+        return jo;
+    }
+
+
+    /**
+     * Convert a JSONObject into a cookie list. A cookie list is a sequence
+     * of name/value pairs. The names are separated from the values by '='.
+     * The pairs are separated by ';'. The characters '%', '+', '=', and ';'
+     * in the names and values are replaced by "%hh".
+     *
+     * @param jo A JSONObject
+     * @return A cookie list string
+     * @throws JSONException
+     */
+    public static String toString(JSONObject jo) throws JSONException {
+        boolean b = false;
+        Iterator keys = jo.keys();
+        String string;
+        StringBuffer sb = new StringBuffer();
+        while (keys.hasNext()) {
+            string = keys.next().toString();
+            if (!jo.isNull(string)) {
+                if (b) {
+                    sb.append(';');
+                }
+                sb.append(Cookie.escape(string));
+                sb.append("=");
+                sb.append(Cookie.escape(jo.getString(string)));
+                b = true;
+            }
+        }
+        return sb.toString();
+    }
+}
@@ -0,0 +1,160 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils.json;
+
+import java.util.Iterator;
+
+/**
+ * Convert an HTTP header to a JSONObject and back.
+ *
+ * @author JSON.org
+ * @version 2010-12-24
+ */
+public class HTTP {
+
+    /**
+     * Carriage return/line feed.
+     */
+    public static final String CRLF = "\r\n";
+
+    /**
+     * Convert an HTTP header string into a JSONObject. It can be a request
+     * header or a response header. A request header will contain
+     * <pre>{
+     *    Method: "POST" (for example),
+     *    "Request-URI": "/" (for example),
+     *    "HTTP-Version": "HTTP/1.1" (for example)
+     * }</pre>
+     * A response header will contain
+     * <pre>{
+     *    "HTTP-Version": "HTTP/1.1" (for example),
+     *    "Fixes-Code": "200" (for example),
+     *    "Reason-Phrase": "OK" (for example)
+     * }</pre>
+     * In addition, the other parameters in the header will be captured, using
+     * the HTTP field names as JSON names, so that <pre>
+     *    Date: Sun, 26 May 2002 18:06:04 GMT
+     *    Cookie: Q=q2=PPEAsg--; B=677gi6ouf29bn&b=2&f=s
+     *    Cache-Control: no-cache</pre>
+     * become
+     * <pre>{...
+     *    Date: "Sun, 26 May 2002 18:06:04 GMT",
+     *    Cookie: "Q=q2=PPEAsg--; B=677gi6ouf29bn&b=2&f=s",
+     *    "Cache-Control": "no-cache",
+     * ...}</pre>
+     * It does no further checking or conversion. It does not parse dates.
+     * It does not do '%' transforms on URLs.
+     *
+     * @param string An HTTP header string.
+     * @return A JSONObject containing the elements and attributes
+     * of the XML string.
+     * @throws JSONException
+     */
+    public static JSONObject toJSONObject(String string) throws JSONException {
+        JSONObject jo = new JSONObject();
+        HTTPTokener x = new HTTPTokener(string);
+        String token;
+
+        token = x.nextToken();
+        if (token.toUpperCase().startsWith("HTTP")) {
+
+// Response
+
+            jo.put("HTTP-Version", token);
+            jo.put("Fixes-Code", x.nextToken());
+            jo.put("Reason-Phrase", x.nextTo('\0'));
+            x.next();
+
+        } else {
+
+// Request
+
+            jo.put("Method", token);
+            jo.put("Request-URI", x.nextToken());
+            jo.put("HTTP-Version", x.nextToken());
+        }
+
+// Fields
+
+        while (x.more()) {
+            String name = x.nextTo(':');
+            x.next(':');
+            jo.put(name, x.nextTo('\0'));
+            x.next();
+        }
+        return jo;
+    }
+
+
+    /**
+     * Convert a JSONObject into an HTTP header. A request header must contain
+     * <pre>{
+     *    Method: "POST" (for example),
+     *    "Request-URI": "/" (for example),
+     *    "HTTP-Version": "HTTP/1.1" (for example)
+     * }</pre>
+     * A response header must contain
+     * <pre>{
+     *    "HTTP-Version": "HTTP/1.1" (for example),
+     *    "Fixes-Code": "200" (for example),
+     *    "Reason-Phrase": "OK" (for example)
+     * }</pre>
+     * Any other members of the JSONObject will be output as HTTP fields.
+     * The result will end with two CRLF pairs.
+     *
+     * @param jo A JSONObject
+     * @return An HTTP header string.
+     * @throws JSONException if the object does not contain enough
+     *                       information.
+     */
+    public static String toString(JSONObject jo) throws JSONException {
+        Iterator keys = jo.keys();
+        String string;
+        StringBuffer sb = new StringBuffer();
+        if (jo.has("Fixes-Code") && jo.has("Reason-Phrase")) {
+            sb.append(jo.getString("HTTP-Version"));
+            sb.append(' ');
+            sb.append(jo.getString("Fixes-Code"));
+            sb.append(' ');
+            sb.append(jo.getString("Reason-Phrase"));
+        } else if (jo.has("Method") && jo.has("Request-URI")) {
+            sb.append(jo.getString("Method"));
+            sb.append(' ');
+            sb.append('"');
+            sb.append(jo.getString("Request-URI"));
+            sb.append('"');
+            sb.append(' ');
+            sb.append(jo.getString("HTTP-Version"));
+        } else {
+            throw new JSONException("Not enough material for an HTTP header.");
+        }
+        sb.append(CRLF);
+        while (keys.hasNext()) {
+            string = keys.next().toString();
+            if (!string.equals("HTTP-Version") && !string.equals("Fixes-Code") &&
+                    !string.equals("Reason-Phrase") && !string.equals("Method") &&
+                    !string.equals("Request-URI") && !jo.isNull(string)) {
+                sb.append(string);
+                sb.append(": ");
+                sb.append(jo.getString(string));
+                sb.append(CRLF);
+            }
+        }
+        sb.append(CRLF);
+        return sb.toString();
+    }
+}
@@ -0,0 +1,72 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils.json;
+
+/**
+ * The HTTPTokener extends the JSONTokener to provide additional methods
+ * for the parsing of HTTP headers.
+ *
+ * @author JSON.org
+ * @version 2010-12-24
+ */
+public class HTTPTokener extends JSONTokener {
+
+    /**
+     * Construct an HTTPTokener from a string.
+     *
+     * @param string A source string.
+     */
+    public HTTPTokener(String string) {
+        super(string);
+    }
+
+
+    /**
+     * Get the next token or string. This is used in parsing HTTP headers.
+     *
+     * @return A String.
+     * @throws JSONException
+     */
+    public String nextToken() throws JSONException {
+        char c;
+        char q;
+        StringBuffer sb = new StringBuffer();
+        do {
+            c = next();
+        } while (Character.isWhitespace(c));
+        if (c == '"' || c == '\'') {
+            q = c;
+            for (; ; ) {
+                c = next();
+                if (c < ' ') {
+                    throw syntaxError("Unterminated string.");
+                }
+                if (c == q) {
+                    return sb.toString();
+                }
+                sb.append(c);
+            }
+        }
+        for (; ; ) {
+            if (c == 0 || Character.isWhitespace(c)) {
+                return sb.toString();
+            }
+            sb.append(c);
+            c = next();
+        }
+    }
+}
@@ -0,0 +1,938 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils.json;
+
+import java.io.IOException;
+import java.io.Writer;
+import java.lang.reflect.Array;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.Map;
+
+/**
+ * A JSONArray is an ordered sequence of values. Its external text form is a
+ * string wrapped in square brackets with commas separating the values. The
+ * internal form is an object having <code>get</code> and <code>opt</code>
+ * methods for accessing the values by index, and <code>put</code> methods for
+ * adding or replacing values. The values can be any of these types:
+ * <code>Boolean</code>, <code>JSONArray</code>, <code>JSONObject</code>,
+ * <code>Number</code>, <code>String</code>, or the
+ * <code>JSONObject.NULL object</code>.
+ * <p>
+ * The constructor can convert a JSON text into a Java object. The
+ * <code>toString</code> method converts to JSON text.
+ * <p>
+ * A <code>get</code> method returns a value if one can be found, and throws an
+ * exception if one cannot be found. An <code>opt</code> method returns a
+ * default value instead of throwing an exception, and so is useful for
+ * obtaining optional values.
+ * <p>
+ * The generic <code>get()</code> and <code>opt()</code> methods return an
+ * object which you can cast or query for type. There are also typed
+ * <code>get</code> and <code>opt</code> methods that do type checking and type
+ * coercion for you.
+ * <p>
+ * The texts produced by the <code>toString</code> methods strictly conform to
+ * JSON syntax rules. The constructors are more forgiving in the texts they will
+ * accept:
+ * <ul>
+ * <li>An extra <code>,</code>&nbsp;<small>(comma)</small> may appear just
+ * before the closing bracket.</li>
+ * <li>The <code>null</code> value will be inserted when there
+ * is <code>,</code>&nbsp;<small>(comma)</small> elision.</li>
+ * <li>Strings may be quoted with <code>'</code>&nbsp;<small>(single
+ * quote)</small>.</li>
+ * <li>Strings do not need to be quoted at all if they do not begin with a quote
+ * or single quote, and if they do not contain leading or trailing spaces,
+ * and if they do not contain any of these characters:
+ * <code>{ } [ ] / \ : , = ; #</code> and if they do not look like numbers
+ * and if they are not the reserved words <code>true</code>,
+ * <code>false</code>, or <code>null</code>.</li>
+ * <li>Values can be separated by <code>;</code> <small>(semicolon)</small> as
+ * well as by <code>,</code> <small>(comma)</small>.</li>
+ * <li>Numbers may have the
+ * <code>0x-</code> <small>(hex)</small> prefix.</li>
+ * </ul>
+ *
+ * @author JSON.org
+ * @version 2011-05-04
+ */
+public class JSONArray {
+
+
+    /**
+     * The arrayList where the JSONArray's properties are kept.
+     */
+    private ArrayList myArrayList;
+
+
+    /**
+     * Construct an empty JSONArray.
+     */
+    public JSONArray() {
+        this.myArrayList = new ArrayList();
+    }
+
+    /**
+     * Construct a JSONArray from a JSONTokener.
+     *
+     * @param x A JSONTokener
+     * @throws JSONException If there is a syntax error.
+     */
+    public JSONArray(JSONTokener x) throws JSONException {
+        this();
+        if (x.nextClean() != '[') {
+            throw x.syntaxError("A JSONArray text must start with '['");
+        }
+        if (x.nextClean() != ']') {
+            x.back();
+            for (; ; ) {
+                if (x.nextClean() == ',') {
+                    x.back();
+                    this.myArrayList.add(JSONObject.NULL);
+                } else {
+                    x.back();
+                    this.myArrayList.add(x.nextValue());
+                }
+                switch (x.nextClean()) {
+                    case ';':
+                    case ',':
+                        if (x.nextClean() == ']') {
+                            return;
+                        }
+                        x.back();
+                        break;
+                    case ']':
+                        return;
+                    default:
+                        throw x.syntaxError("Expected a ',' or ']'");
+                }
+            }
+        }
+    }
+
+
+    /**
+     * Construct a JSONArray from a source JSON text.
+     *
+     * @param source A string that begins with
+     *               <code>[</code>&nbsp;<small>(left bracket)</small>
+     *               and ends with <code>]</code>&nbsp;<small>(right bracket)</small>.
+     * @throws JSONException If there is a syntax error.
+     */
+    public JSONArray(String source) throws JSONException {
+        this(new JSONTokener(source));
+    }
+
+
+    /**
+     * Construct a JSONArray from a Collection.
+     *
+     * @param collection A Collection.
+     */
+    public JSONArray(Collection collection) {
+        this.myArrayList = new ArrayList();
+        if (collection != null) {
+            Iterator iter = collection.iterator();
+            while (iter.hasNext()) {
+                this.myArrayList.add(JSONObject.wrap(iter.next()));
+            }
+        }
+    }
+
+
+    /**
+     * Construct a JSONArray from an array
+     *
+     * @throws JSONException If not an array.
+     */
+    public JSONArray(Object array) throws JSONException {
+        this();
+        if (array.getClass().isArray()) {
+            int length = Array.getLength(array);
+            for (int i = 0; i < length; i += 1) {
+                this.put(JSONObject.wrap(Array.get(array, i)));
+            }
+        } else {
+            throw new JSONException(
+                    "JSONArray initial value should be a string or collection or array.");
+        }
+    }
+
+
+    /**
+     * Get the object value associated with an index.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return An object value.
+     * @throws JSONException If there is no value for the index.
+     */
+    public Object get(int index) throws JSONException {
+        Object object = opt(index);
+        if (object == null) {
+            throw new JSONException("JSONArray[" + index + "] not found.");
+        }
+        return object;
+    }
+
+
+    /**
+     * Get the boolean value associated with an index.
+     * The string values "true" and "false" are converted to boolean.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return The truth.
+     * @throws JSONException If there is no value for the index or if the
+     *                       value is not convertible to boolean.
+     */
+    public boolean getBoolean(int index) throws JSONException {
+        Object object = get(index);
+        if (object.equals(Boolean.FALSE) ||
+                (object instanceof String &&
+                        ((String) object).equalsIgnoreCase("false"))) {
+            return false;
+        } else if (object.equals(Boolean.TRUE) ||
+                (object instanceof String &&
+                        ((String) object).equalsIgnoreCase("true"))) {
+            return true;
+        }
+        throw new JSONException("JSONArray[" + index + "] is not a boolean.");
+    }
+
+
+    /**
+     * Get the double value associated with an index.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return The value.
+     * @throws JSONException If the key is not found or if the value cannot
+     *                       be converted to a number.
+     */
+    public double getDouble(int index) throws JSONException {
+        Object object = get(index);
+        try {
+            return object instanceof Number ?
+                    ((Number) object).doubleValue() :
+                    Double.parseDouble((String) object);
+        } catch (Exception e) {
+            throw new JSONException("JSONArray[" + index +
+                    "] is not a number.");
+        }
+    }
+
+
+    /**
+     * Get the int value associated with an index.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return The value.
+     * @throws JSONException If the key is not found or if the value is not a number.
+     */
+    public int getInt(int index) throws JSONException {
+        Object object = get(index);
+        try {
+            return object instanceof Number ?
+                    ((Number) object).intValue() :
+                    Integer.parseInt((String) object);
+        } catch (Exception e) {
+            throw new JSONException("JSONArray[" + index +
+                    "] is not a number.");
+        }
+    }
+
+
+    /**
+     * Get the JSONArray associated with an index.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return A JSONArray value.
+     * @throws JSONException If there is no value for the index. or if the
+     *                       value is not a JSONArray
+     */
+    public JSONArray getJSONArray(int index) throws JSONException {
+        Object object = get(index);
+        if (object instanceof JSONArray) {
+            return (JSONArray) object;
+        }
+        throw new JSONException("JSONArray[" + index +
+                "] is not a JSONArray.");
+    }
+
+
+    /**
+     * Get the JSONObject associated with an index.
+     *
+     * @param index subscript
+     * @return A JSONObject value.
+     * @throws JSONException If there is no value for the index or if the
+     *                       value is not a JSONObject
+     */
+    public JSONObject getJSONObject(int index) throws JSONException {
+        Object object = get(index);
+        if (object instanceof JSONObject) {
+            return (JSONObject) object;
+        }
+        throw new JSONException("JSONArray[" + index +
+                "] is not a JSONObject.");
+    }
+
+
+    /**
+     * Get the long value associated with an index.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return The value.
+     * @throws JSONException If the key is not found or if the value cannot
+     *                       be converted to a number.
+     */
+    public long getLong(int index) throws JSONException {
+        Object object = get(index);
+        try {
+            return object instanceof Number ?
+                    ((Number) object).longValue() :
+                    Long.parseLong((String) object);
+        } catch (Exception e) {
+            throw new JSONException("JSONArray[" + index +
+                    "] is not a number.");
+        }
+    }
+
+
+    /**
+     * Get the string associated with an index.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return A string value.
+     * @throws JSONException If there is no string value for the index.
+     */
+    public String getString(int index) throws JSONException {
+        Object object = get(index);
+        if (object instanceof String) {
+            return (String) object;
+        }
+        throw new JSONException("JSONArray[" + index + "] not a string.");
+    }
+
+
+    /**
+     * Determine if the value is null.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return true if the value at the index is null, or if there is no value.
+     */
+    public boolean isNull(int index) {
+        return JSONObject.NULL.equals(opt(index));
+    }
+
+
+    /**
+     * Make a string from the contents of this JSONArray. The
+     * <code>separator</code> string is inserted between each element.
+     * Warning: This method assumes that the data structure is acyclical.
+     *
+     * @param separator A string that will be inserted between the elements.
+     * @return a string.
+     * @throws JSONException If the array contains an invalid number.
+     */
+    public String join(String separator) throws JSONException {
+        int len = length();
+        StringBuffer sb = new StringBuffer();
+
+        for (int i = 0; i < len; i += 1) {
+            if (i > 0) {
+                sb.append(separator);
+            }
+            sb.append(JSONObject.valueToString(this.myArrayList.get(i)));
+        }
+        return sb.toString();
+    }
+
+
+    /**
+     * Get the number of elements in the JSONArray, included nulls.
+     *
+     * @return The length (or size).
+     */
+    public int length() {
+        return this.myArrayList.size();
+    }
+
+
+    /**
+     * Get the optional object value associated with an index.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return An object value, or null if there is no
+     * object at that index.
+     */
+    public Object opt(int index) {
+        return (index < 0 || index >= length()) ?
+                null : this.myArrayList.get(index);
+    }
+
+
+    /**
+     * Get the optional boolean value associated with an index.
+     * It returns false if there is no value at that index,
+     * or if the value is not Boolean.TRUE or the String "true".
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return The truth.
+     */
+    public boolean optBoolean(int index) {
+        return optBoolean(index, false);
+    }
+
+
+    /**
+     * Get the optional boolean value associated with an index.
+     * It returns the defaultValue if there is no value at that index or if
+     * it is not a Boolean or the String "true" or "false" (case insensitive).
+     *
+     * @param index        The index must be between 0 and length() - 1.
+     * @param defaultValue A boolean default.
+     * @return The truth.
+     */
+    public boolean optBoolean(int index, boolean defaultValue) {
+        try {
+            return getBoolean(index);
+        } catch (Exception e) {
+            return defaultValue;
+        }
+    }
+
+
+    /**
+     * Get the optional double value associated with an index.
+     * NaN is returned if there is no value for the index,
+     * or if the value is not a number and cannot be converted to a number.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return The value.
+     */
+    public double optDouble(int index) {
+        return optDouble(index, Double.NaN);
+    }
+
+
+    /**
+     * Get the optional double value associated with an index.
+     * The defaultValue is returned if there is no value for the index,
+     * or if the value is not a number and cannot be converted to a number.
+     *
+     * @param index        subscript
+     * @param defaultValue The default value.
+     * @return The value.
+     */
+    public double optDouble(int index, double defaultValue) {
+        try {
+            return getDouble(index);
+        } catch (Exception e) {
+            return defaultValue;
+        }
+    }
+
+
+    /**
+     * Get the optional int value associated with an index.
+     * Zero is returned if there is no value for the index,
+     * or if the value is not a number and cannot be converted to a number.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return The value.
+     */
+    public int optInt(int index) {
+        return optInt(index, 0);
+    }
+
+
+    /**
+     * Get the optional int value associated with an index.
+     * The defaultValue is returned if there is no value for the index,
+     * or if the value is not a number and cannot be converted to a number.
+     *
+     * @param index        The index must be between 0 and length() - 1.
+     * @param defaultValue The default value.
+     * @return The value.
+     */
+    public int optInt(int index, int defaultValue) {
+        try {
+            return getInt(index);
+        } catch (Exception e) {
+            return defaultValue;
+        }
+    }
+
+
+    /**
+     * Get the optional JSONArray associated with an index.
+     *
+     * @param index subscript
+     * @return A JSONArray value, or null if the index has no value,
+     * or if the value is not a JSONArray.
+     */
+    public JSONArray optJSONArray(int index) {
+        Object o = opt(index);
+        return o instanceof JSONArray ? (JSONArray) o : null;
+    }
+
+
+    /**
+     * Get the optional JSONObject associated with an index.
+     * Null is returned if the key is not found, or null if the index has
+     * no value, or if the value is not a JSONObject.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return A JSONObject value.
+     */
+    public JSONObject optJSONObject(int index) {
+        Object o = opt(index);
+        return o instanceof JSONObject ? (JSONObject) o : null;
+    }
+
+
+    /**
+     * Get the optional long value associated with an index.
+     * Zero is returned if there is no value for the index,
+     * or if the value is not a number and cannot be converted to a number.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return The value.
+     */
+    public long optLong(int index) {
+        return optLong(index, 0);
+    }
+
+
+    /**
+     * Get the optional long value associated with an index.
+     * The defaultValue is returned if there is no value for the index,
+     * or if the value is not a number and cannot be converted to a number.
+     *
+     * @param index        The index must be between 0 and length() - 1.
+     * @param defaultValue The default value.
+     * @return The value.
+     */
+    public long optLong(int index, long defaultValue) {
+        try {
+            return getLong(index);
+        } catch (Exception e) {
+            return defaultValue;
+        }
+    }
+
+
+    /**
+     * Get the optional string value associated with an index. It returns an
+     * empty string if there is no value at that index. If the value
+     * is not a string and is not null, then it is coverted to a string.
+     *
+     * @param index The index must be between 0 and length() - 1.
+     * @return A String value.
+     */
+    public String optString(int index) {
+        return optString(index, "");
+    }
+
+
+    /**
+     * Get the optional string associated with an index.
+     * The defaultValue is returned if the key is not found.
+     *
+     * @param index        The index must be between 0 and length() - 1.
+     * @param defaultValue The default value.
+     * @return A String value.
+     */
+    public String optString(int index, String defaultValue) {
+        Object object = opt(index);
+        return object != null ? object.toString() : defaultValue;
+    }
+
+
+    /**
+     * Append a boolean value. This increases the array's length by one.
+     *
+     * @param value A boolean value.
+     * @return this.
+     */
+    public JSONArray put(boolean value) {
+        put(value ? Boolean.TRUE : Boolean.FALSE);
+        return this;
+    }
+
+
+    /**
+     * Put a value in the JSONArray, where the value will be a
+     * JSONArray which is produced from a Collection.
+     *
+     * @param value A Collection value.
+     * @return this.
+     */
+    public JSONArray put(Collection value) {
+        put(new JSONArray(value));
+        return this;
+    }
+
+
+    /**
+     * Append a double value. This increases the array's length by one.
+     *
+     * @param value A double value.
+     * @return this.
+     * @throws JSONException if the value is not finite.
+     */
+    public JSONArray put(double value) throws JSONException {
+        Double d = new Double(value);
+        JSONObject.testValidity(d);
+        put(d);
+        return this;
+    }
+
+
+    /**
+     * Append an int value. This increases the array's length by one.
+     *
+     * @param value An int value.
+     * @return this.
+     */
+    public JSONArray put(int value) {
+        put(new Integer(value));
+        return this;
+    }
+
+
+    /**
+     * Append an long value. This increases the array's length by one.
+     *
+     * @param value A long value.
+     * @return this.
+     */
+    public JSONArray put(long value) {
+        put(new Long(value));
+        return this;
+    }
+
+
+    /**
+     * Put a value in the JSONArray, where the value will be a
+     * JSONObject which is produced from a Map.
+     *
+     * @param value A Map value.
+     * @return this.
+     */
+    public JSONArray put(Map value) {
+        put(new JSONObject(value));
+        return this;
+    }
+
+
+    /**
+     * Append an object value. This increases the array's length by one.
+     *
+     * @param value An object value.  The value should be a
+     *              Boolean, Double, Integer, JSONArray, JSONObject, Long, or String, or the
+     *              JSONObject.NULL object.
+     * @return this.
+     */
+    public JSONArray put(Object value) {
+        this.myArrayList.add(value);
+        return this;
+    }
+
+
+    /**
+     * Put or replace a boolean value in the JSONArray. If the index is greater
+     * than the length of the JSONArray, then null elements will be added as
+     * necessary to pad it out.
+     *
+     * @param index The subscript.
+     * @param value A boolean value.
+     * @return this.
+     * @throws JSONException If the index is negative.
+     */
+    public JSONArray put(int index, boolean value) throws JSONException {
+        put(index, value ? Boolean.TRUE : Boolean.FALSE);
+        return this;
+    }
+
+
+    /**
+     * Put a value in the JSONArray, where the value will be a
+     * JSONArray which is produced from a Collection.
+     *
+     * @param index The subscript.
+     * @param value A Collection value.
+     * @return this.
+     * @throws JSONException If the index is negative or if the value is
+     *                       not finite.
+     */
+    public JSONArray put(int index, Collection value) throws JSONException {
+        put(index, new JSONArray(value));
+        return this;
+    }
+
+
+    /**
+     * Put or replace a double value. If the index is greater than the length of
+     * the JSONArray, then null elements will be added as necessary to pad
+     * it out.
+     *
+     * @param index The subscript.
+     * @param value A double value.
+     * @return this.
+     * @throws JSONException If the index is negative or if the value is
+     *                       not finite.
+     */
+    public JSONArray put(int index, double value) throws JSONException {
+        put(index, new Double(value));
+        return this;
+    }
+
+
+    /**
+     * Put or replace an int value. If the index is greater than the length of
+     * the JSONArray, then null elements will be added as necessary to pad
+     * it out.
+     *
+     * @param index The subscript.
+     * @param value An int value.
+     * @return this.
+     * @throws JSONException If the index is negative.
+     */
+    public JSONArray put(int index, int value) throws JSONException {
+        put(index, new Integer(value));
+        return this;
+    }
+
+
+    /**
+     * Put or replace a long value. If the index is greater than the length of
+     * the JSONArray, then null elements will be added as necessary to pad
+     * it out.
+     *
+     * @param index The subscript.
+     * @param value A long value.
+     * @return this.
+     * @throws JSONException If the index is negative.
+     */
+    public JSONArray put(int index, long value) throws JSONException {
+        put(index, new Long(value));
+        return this;
+    }
+
+
+    /**
+     * Put a value in the JSONArray, where the value will be a
+     * JSONObject that is produced from a Map.
+     *
+     * @param index The subscript.
+     * @param value The Map value.
+     * @return this.
+     * @throws JSONException If the index is negative or if the the value is
+     *                       an invalid number.
+     */
+    public JSONArray put(int index, Map value) throws JSONException {
+        put(index, new JSONObject(value));
+        return this;
+    }
+
+
+    /**
+     * Put or replace an object value in the JSONArray. If the index is greater
+     * than the length of the JSONArray, then null elements will be added as
+     * necessary to pad it out.
+     *
+     * @param index The subscript.
+     * @param value The value to put into the array. The value should be a
+     *              Boolean, Double, Integer, JSONArray, JSONObject, Long, or String, or the
+     *              JSONObject.NULL object.
+     * @return this.
+     * @throws JSONException If the index is negative or if the the value is
+     *                       an invalid number.
+     */
+    public JSONArray put(int index, Object value) throws JSONException {
+        JSONObject.testValidity(value);
+        if (index < 0) {
+            throw new JSONException("JSONArray[" + index + "] not found.");
+        }
+        if (index < length()) {
+            this.myArrayList.set(index, value);
+        } else {
+            while (index != length()) {
+                put(JSONObject.NULL);
+            }
+            put(value);
+        }
+        return this;
+    }
+
+
+    /**
+     * Remove an index and close the hole.
+     *
+     * @param index The index of the element to be removed.
+     * @return The value that was associated with the index,
+     * or null if there was no value.
+     */
+    public Object remove(int index) {
+        Object o = opt(index);
+        this.myArrayList.remove(index);
+        return o;
+    }
+
+
+    /**
+     * Produce a JSONObject by combining a JSONArray of names with the values
+     * of this JSONArray.
+     *
+     * @param names A JSONArray containing a list of key strings. These will be
+     *              paired with the values.
+     * @return A JSONObject, or null if there are no names or if this JSONArray
+     * has no values.
+     * @throws JSONException If any of the names are null.
+     */
+    public JSONObject toJSONObject(JSONArray names) throws JSONException {
+        if (names == null || names.length() == 0 || length() == 0) {
+            return null;
+        }
+        JSONObject jo = new JSONObject();
+        for (int i = 0; i < names.length(); i += 1) {
+            jo.put(names.getString(i), this.opt(i));
+        }
+        return jo;
+    }
+
+
+    /**
+     * Make a JSON text of this JSONArray. For compactness, no
+     * unnecessary whitespace is added. If it is not possible to produce a
+     * syntactically correct JSON text then null will be returned instead. This
+     * could occur if the array contains an invalid number.
+     * <p>
+     * Warning: This method assumes that the data structure is acyclical.
+     *
+     * @return a printable, displayable, transmittable
+     * representation of the array.
+     */
+    public String toString() {
+        try {
+            return '[' + join(",") + ']';
+        } catch (Exception e) {
+            return null;
+        }
+    }
+
+
+    /**
+     * Make a prettyprinted JSON text of this JSONArray.
+     * Warning: This method assumes that the data structure is acyclical.
+     *
+     * @param indentFactor The number of spaces to add to each level of
+     *                     indentation.
+     * @return a printable, displayable, transmittable
+     * representation of the object, beginning
+     * with <code>[</code>&nbsp;<small>(left bracket)</small> and ending
+     * with <code>]</code>&nbsp;<small>(right bracket)</small>.
+     * @throws JSONException
+     */
+    public String toString(int indentFactor) throws JSONException {
+        return toString(indentFactor, 0);
+    }
+
+
+    /**
+     * Make a prettyprinted JSON text of this JSONArray.
+     * Warning: This method assumes that the data structure is acyclical.
+     *
+     * @param indentFactor The number of spaces to add to each level of
+     *                     indentation.
+     * @param indent       The indention of the top level.
+     * @return a printable, displayable, transmittable
+     * representation of the array.
+     * @throws JSONException
+     */
+    String toString(int indentFactor, int indent) throws JSONException {
+        int len = length();
+        if (len == 0) {
+            return "[]";
+        }
+        int i;
+        StringBuffer sb = new StringBuffer("[");
+        if (len == 1) {
+            sb.append(JSONObject.valueToString(this.myArrayList.get(0),
+                    indentFactor, indent));
+        } else {
+            int newindent = indent + indentFactor;
+            sb.append('\n');
+            for (i = 0; i < len; i += 1) {
+                if (i > 0) {
+                    sb.append(",\n");
+                }
+                for (int j = 0; j < newindent; j += 1) {
+                    sb.append(' ');
+                }
+                sb.append(JSONObject.valueToString(this.myArrayList.get(i),
+                        indentFactor, newindent));
+            }
+            sb.append('\n');
+            for (i = 0; i < indent; i += 1) {
+                sb.append(' ');
+            }
+        }
+        sb.append(']');
+        return sb.toString();
+    }
+
+
+    /**
+     * Write the contents of the JSONArray as JSON text to a writer.
+     * For compactness, no whitespace is added.
+     * <p>
+     * Warning: This method assumes that the data structure is acyclical.
+     *
+     * @return The writer.
+     * @throws JSONException
+     */
+    public Writer write(Writer writer) throws JSONException {
+        try {
+            boolean b = false;
+            int len = length();
+
+            writer.write('[');
+
+            for (int i = 0; i < len; i += 1) {
+                if (b) {
+                    writer.write(',');
+                }
+                Object v = this.myArrayList.get(i);
+                if (v instanceof JSONObject) {
+                    ((JSONObject) v).write(writer);
+                } else if (v instanceof JSONArray) {
+                    ((JSONArray) v).write(writer);
+                } else {
+                    writer.write(JSONObject.valueToString(v));
+                }
+                b = true;
+            }
+            writer.write(']');
+            return writer;
+        } catch (IOException e) {
+            throw new JSONException(e);
+        }
+    }
+}
@@ -0,0 +1,46 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils.json;
+
+/**
+ * The JSONException is thrown by the JSON.org classes when things are amiss.
+ *
+ * @author JSON.org
+ * @version 2010-12-24
+ */
+public class JSONException extends Exception {
+    private static final long serialVersionUID = 0;
+    private Throwable cause;
+
+    /**
+     * Constructs a JSONException with an explanatory message.
+     *
+     * @param message Detail about the reason for the exception.
+     */
+    public JSONException(String message) {
+        super(message);
+    }
+
+    public JSONException(Throwable cause) {
+        super(cause.getMessage());
+        this.cause = cause;
+    }
+
+    public Throwable getCause() {
+        return this.cause;
+    }
+}
@@ -0,0 +1,456 @@
+/*
+ * Copyright 2026 Dawson Hessler
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package dev.brighten.antivpn.utils.json;
+
+import java.util.Iterator;
+
+
+/**
+ * This provides static methods to convert an XML text into a JSONArray or
+ * JSONObject, and to covert a JSONArray or JSONObject into an XML text using
+ * the JsonML transform.
+ *
+ * @author JSON.org
+ * @version 2010-12-23
+ */
+public class JSONML {
+
+    /**
+     * Parse XML values and store them in a JSONArray.
+     *
+     * @param x         The XMLTokener containing the source string.
+     * @param arrayForm true if array form, false if object form.
+     * @param ja        The JSONArray that is containing the current tag or null
+     *                  if we are at the outermost level.
+     * @return A JSONArray if the value is the outermost tag, otherwise null.
+     * @throws JSONException
+     */
+    private static Object parse(XMLTokener x, boolean arrayForm,
+                                JSONArray ja) throws JSONException {
+        String attribute;
+        char c;
+        String closeTag = null;
+        int i;
+        JSONArray newja = null;
+        JSONObject newjo = null;
+        Object token;
+        String tagName = null;
+
+// Test for and skip past these forms:
+//      <!-- ... -->
+//      <![  ... ]]>
+//      <!   ...   >
+//      <?   ...  ?>
+
+        while (true) {
+            token = x.nextContent();
+            if (token == XML.LT) {
+                token = x.nextToken();
+                if (token instanceof Character) {
+                    if (token == XML.SLASH) {
+
+// Close tag </
+
+                        token = x.nextToken();
+                        if (!(token instanceof String)) {
+                            throw new JSONException(
+                                    "Expected a closing name instead of '" +
+                                            token + "'.");
+                        }
+                        if (x.nextToken() != XML.GT) {
+                            throw x.syntaxError("Misshaped close tag");
+                        }
+                        return token;
+                    } else if (token == XML.BANG) {
+
+// <!
+
+                        c = x.next();
+                        if (c == '-') {
+                            if (x.next() == '-') {
+                                x.skipPast("-->");
+                            }
+                            x.back();
+                        } else if (c == '[') {
+                            token = x.nextToken();
+                            if (token.equals("CDATA") && x.next() == '[') {
+                                if (ja != null) {
+                                    ja.put(x.nextCDATA());
+                                }
+                            } else {
+                                throw x.syntaxError("Expected 'CDATA['");
+                            }
+                        } else {
+                            i = 1;
+                            do {
+                                token = x.nextMeta();
+                                if (token == null) {
+                                    throw x.syntaxError("Missing '>' after '<!'.");
+                                } else if (token == XML.LT) {
+                                    i += 1;
+                                } else if (token == XML.GT) {
+                                    i -= 1;
+                                }
+                            } while (i > 0);
+                        }
+                    } else if (token == XML.QUEST) {
+
+// <?
+
+                        x.skipPast("?>");
+                    } else {
+                        throw x.syntaxError("Misshaped tag");
+                    }
+
+// Open tag <
+
+                } else {
+                    if (!(token instanceof String)) {
+                        throw x.syntaxError("Bad tagName '" + token + "'.");
+                    }
+                    tagName = (String) token;
+                    newja = new JSONArray();
+                    newjo = new JSONObject();
+                    if (arrayForm) {
+                        newja.put(tagName);
+                        if (ja != null) {
+                            ja.put(newja);
+                        }
+                    } else {
+                        newjo.put("tagName", tagName);
+                        if (ja != null) {
+                            ja.put(newjo);
+                        }
+                    }
+                    token = null;
+                    for (; ; ) {
+                        if (token == null) {
+                            token = x.nextToken();
+                        }
+                        if (token == null) {
+                            throw x.syntaxError("Misshaped tag");
+                        }
+                        if (!(token instanceof String)) {
+                            break;
+                        }
+
+// attribute = value
+
+                        attribute = (String) token;
+                        if (!arrayForm && (attribute == "tagName" || attribute == "childNode")) {
+                            throw x.syntaxError("Reserved attribute.");
+                        }
+                        token = x.nextToken();
+                        if (token == XML.EQ) {
+                            token = x.nextToken();
+                            if (!(token instanceof String)) {
+                                throw x.syntaxError("Missing value");
+                            }
+                            newjo.accumulate(attribute, XML.stringToValue((String) token));
+                            token = null;
+                        } else {
+                            newjo.accumulate(attribute, "");
+                        }
+                    }
+                    if (arrayForm && newjo.length() > 0) {
+                        newja.put(newjo);
+                    }
+
+// Empty tag <.../>
+
+                    if (token == XML.SLASH) {
+                        if (x.nextToken() != XML.GT) {
+                            throw x.syntaxError("Misshaped tag");
+                        }
+                        if (ja == null) {
+                            if (arrayForm) {
+                                return newja;
+                            } else {
+                                return newjo;
+                            }
+                        }
+
+// Content, between <...> and </...>
+
+                    } else {
+                        if (token != XML.GT) {
+                            throw x.syntaxError("Misshaped tag");
+                        }
+                        closeTag = (String) parse(x, arrayForm, newja);
+                        if (closeTag != null) {
+                            if (!closeTag.equals(tagName)) {
+                                throw x.syntaxError("Mismatched '" + tagName +
+                                        "' and '" + closeTag + "'");
+                            }
+                            tagName = null;
+                            if (!arrayForm && newja.length() > 0) {
+                                newjo.put("childNodes", newja);
+                            }
+                            if (ja == null) {
+                                if (arrayForm) {
+                                    return newja;
+                                } else {
+                                    return newjo;
+                                }
+                            }
+                        }
+                    }
+                }
+            } else {
+                if (ja != null) {
+                    ja.put(token instanceof String ?
+                            XML.stringToValue((String) token) : token);
+                }
+            }
+        }
+    }
+
+
+    /**
+     * Convert a well-formed (but not necessarily valid) XML string into a
+     * JSONArray using the JsonML transform. Each XML tag is represented as
+     * a JSONArray in which the first element is the tag name. If the tag has
+     * attributes, then the second element will be JSONObject containing the
+     * name/value pairs. If the tag contains children, then strings and
+     * JSONArrays will represent the child tags.
+     * Comments, prologs, DTDs, and <code>&lt;[ [ ]]></code> are ignored.
+     *
+     * @param string The source string.
+     * @return A JSONArray containing the structured data from the XML string.
+     * @throws JSONException
+     */
+    public static JSONArray toJSONArray(String string) throws JSONException {
+        return toJSONArray(new XMLTokener(string));
+    }
+
+
+    /**
+     * Convert a well-formed (but not necessarily valid) XML string into a
+     * JSONArray using the JsonML transform. Each XML tag is represented as
+     * a JSONArray in which the first element is the tag name. If the tag has
+     * attributes, then the second element will be JSONObject containing the
+     * name/value pairs. If the tag contains children, then strings and
+     * JSONArrays will represent the child content and tags.
+     * Comments, prologs, DTDs, and <code>&lt;[ [ ]]></code> are ignored.
+     *
+     * @param x An XMLTokener.
+     * @return A JSONArray containing the structured data from the XML string.
+     * @throws JSONException
+     */
+    public static JSONArray toJSONArray(XMLTokener x) throws JSONException {
+        return (JSONArray) parse(x, true, null);
+    }
+
+
+    /**
+     * Convert a well-formed (but not necessarily valid) XML string into a
+     * JSONObject using the JsonML transform. Each XML tag is represented as
+     * a JSONObject with a "tagName" property. If the tag has attributes, then
+     * the attributes will be in the JSONObject as properties. If the tag
+     * contains children, the object will have a "childNodes" property which
+     * will be an array of strings and JsonML JSONObjects.
+     * <p>
+     * Comments, prologs, DTDs, and <code>&lt;[ [ ]]></code> are ignored.
+     *
+     * @param x An XMLTokener of the XML source text.
+     * @return A JSONObject containing the structured data from the XML string.
+     * @throws JSONException
+     */
+    public static JSONObject toJSONObject(XMLTokener x) throws JSONException {
+        return (JSONObject) parse(x, false, null);
+    }
+
+
+    /**
+     * Convert a well-formed (but not necessarily valid) XML string into a
+     * JSONObject using the JsonML transform. Each XML tag is represented as
+     * a JSONObject with a "tagName" property. If the tag has attributes, then
+     * the attributes will be in the JSONObject as properties. If the tag
+     * contains children, the object will have a "childNodes" property which
+     * will be an array of strings and JsonML JSONObjects.
+     * <p>
+     * Comments, prologs, DTDs, and <code>&lt;[ [ ]]></code> are ignored.
+     *
+     * @param string The XML source text.
+     * @return A JSONObject containing the structured data from the XML string.
+     * @throws JSONException
+     */
+    public static JSONObject toJSONObject(String string) throws JSONException {
+        return toJSONObject(new XMLTokener(string));
+    }
+
+
+    /**
+     * Reverse the JSONML transformation, making an XML text from a JSONArray.
+     *
+     * @param ja A JSONArray.
+     * @return An XML string.
+     * @throws JSONException
+     */
+    public static String toString(JSONArray ja) throws JSONException {
+        int i;
+        JSONObject jo;
+        String key;
+        Iterator keys;
+        int length;
+        Object object;
+        StringBuffer sb = new StringBuffer();
+        String tagName;
+        String value;
+
+// Emit <tagName	    
+
+        tagName = ja.getString(0);
+        XML.noSpace(tagName);
+        tagName = XML.escape(tagName);
+        sb.append('<');
+        sb.append(tagName);
+
+        object = ja.opt(1);
+        if (object instanceof JSONObject) {
+            i = 2;
+            jo = (JSONObject) object;
+
+// Emit the attributes
+
+            keys = jo.keys();
+            while (keys.hasNext()) {
+                key = keys.next().toString();
+                XML.noSpace(key);
+                value = jo.optString(key);
+                if (value != null) {
+                    sb.append(' ');
+                    sb.append(XML.escape(key));
+                    sb.append('=');
+                    sb.append('"');
+                    sb.append(XML.escape(value));
+                    sb.append('"');
+                }
+            }
+        } else {
+            i = 1;
+        }
+
+//Emit content in body
+
+        length = ja.length();
+        if (i >= length) {
+            sb.append('/');
+            sb.append('>');
+        } else {
+            sb.append('>');
+            do {
+                object = ja.get(i);
+                i += 1;
+                if (object != null) {
+                    if (object instanceof String) {
+                        sb.append(XML.escape(object.toString()));
+                    } else if (object instanceof JSONObject) {
+                        sb.append(toString((JSONObject) object));
+                    } else if (object instanceof JSONArray) {
+                        sb.append(toString((JSONArray) object));
+                    }
+                }
+            } while (i < length);
+            sb.append('<');
+            sb.append('/');
+            sb.append(tagName);
+            sb.append('>');
+        }
+        return sb.toString();
+    }
+
+    /**
+     * Reverse the JSONML transformation, making an XML text from a JSONObject.
+     * The JSONObject must contain a "tagName" property. If it has children,
+     * then it must have a "childNodes" property containing an array of objects.
+     * The other properties are attributes with string values.
+     *
+     * @param jo A JSONObject.
+     * @return An XML string.
+     * @throws JSONException
+     */
+    public static String toString(JSONObject jo) throws JSONException {
+        StringBuffer sb = new StringBuffer();
+        int i;
+        JSONArray ja;
+        String key;
+        Iterator keys;
+        int length;
+        Object object;
+        String tagName;
+        String value;
+
+//Emit <tagName
+
+        tagName = jo.optString("tagName");
+        if (tagName == null) {
+            return XML.escape(jo.toString());
+        }
+        XML.noSpace(tagName);
+        tagName = XML.escape(tagName);
+        sb.append('<');
+        sb.append(tagName);
+
+//Emit the attributes
+
+        keys = jo.keys();
+        while (keys.hasNext()) {
+            key = keys.next().toString();
+            if (!key.equals("tagName") && !key.equals("childNodes")) {
+                XML.noSpace(key);
+                value = jo.optString(key);
+                if (value != null) {
+                    sb.append(' ');
+                    sb.append(XML.escape(key));
+                    sb.append('=');
+                    sb.append('"');
+                    sb.append(XML.escape(value));
+                    sb.append('"');
+                }
+            }
+        }
+
+//Emit content in body
+
+        ja = jo.optJSONArray("childNodes");
+        if (ja == null) {
+            sb.append('/');
+            sb.append('>');
+        } else {
+            sb.append('>');
+            length = ja.length();
+            for (i = 0; i < length; i += 1) {
+                object = ja.get(i);
+                if (object != null) {
+                    if (object instanceof String) {
+                        sb.append(XML.escape(object.toString()));
+                    } else if (object instanceof JSONObject) {
+                        sb.append(toString((JSONObject) object));
+                    } else if (object instanceof JSONArray) {
+                        sb.append(toString((JSONArray) object));
+                    }
+                }
+            }
+            sb.append('<');
+            sb.append('/');
+            sb.append(tagName);
+            sb.append('>');
+        }
+        return sb.toString();
+    }
+}
--- a/Show More
+++ b/Show More