1. Set up roles and permissions

Roles are one of the building blocks of managing a Discord server. They give your members a fancy color, but more importantly, each role comes with a set of permissions that control what your members can and cannot do on the server. With roles, you can give members and bots administrative permissions like kicking or banning members, adding or removing channels, and pinging @everyone.

You can find these options by going into your Server Settings and selecting Roles.

Assign permissions with care! Certain permissions allow members to make changes to your server and channels. These permissions are a great moderation tool, but be wary of who you grant this power. Changes made to your server can’t be undone.

You can learn more about the technical side of implementing roles and permissions in Role Management 101 and our How Do I Set Up Permissions? article.

2. Set a verification level

Server verification levels allow you to control who can send messages in your server. Setting a high verification level is a great way to protect your server from spammers or raids. You can find this option by going into your Server Settings and selecting Moderation.


Verification levels
  • None - All new members on the server can start chatting immediately with no restrictions.
  • Low - Members on the server must have a verified email on their Discord account to begin chatting. We recommend this setting for any server where you’re putting an invite link on the internet!
  • Medium - Members on the server must have a verified email and their Discord account must be at least 5 minutes old to begin chatting.
  • High - Users must meet all of the previous requirements and also must be a member of the server for at least 10 minutes to begin chatting. This is a good way to stall raids. Most raiders don’t have the patience to wait ten minutes before they spam the channel.
  • Highest - Members must have a verified phone number on their Discord account. This is the highest level of requirement. 
3. Enable server-wide 2FA 

When enabled, server-wide two-factor authentication (2FA) requires all of your moderators and administrators to have 2FA enabled on their accounts in order to take administrative actions, like deleting messages. You can read more about 2FA here.


By requiring all admin accounts to have 2FA turned on, you protect your server from malicious users who might try to compromise one of your moderators or administrators accounts and then make unwanted changes to your server. You can find the Server 2FA button by going to one of your moderators' or administrators' accounts.

You must have 2FA enabled on your own account before you can enable this option!

4. Turn on the age-restricted content filter

Turning on the Age-Restricted Content Filtering will automatically detect and delete images and uploads deemed inappropriate. This allows your members to share content like images and embeds, while reducing the risk of age-restricted material shown in Safe For Work (SFW) channels.


You can find this option by going to your Server Settings and selecting Moderation.

Age-Restricted Content settings
  • Don’t scan any media content - Discord will not proactively delete any media sent in your server that contains age-restricted content. Note that we still scan every media uploaded to Discord for child safety content.
  • Scan media content from members without a role - Discord will automatically scan and delete age-restricted content sent by users without roles. This is the recommended option for servers that use roles for trusted members.
  • Scan media content from all members - Discord will automatically scan and delete age-restricted content from all members, regardless of roles.