Invite Filter

• Shuts down drive-by advertising and raid recruiters before a moderator sees the message.
• Catches the common obfuscation tricks — discord . gg / code, letter-spaced invites, dsc.gg shorteners — that a naive word or link filter misses.
• Zero configuration: enable the rule, pick an action, and it works.
• Pair with exempt_channels to allow invites only in a partnerships or advertise channel.

Discord invite links in message content. Every pattern requires a code after the domain — the bare phrase discord.gg with no code does not fire.

• discord.gg/CODE
• discord.com/invite/CODE and discordapp.com/invite/CODE
• Spaced variants such as discord . gg / CODE
• Letter-spaced variants such as d i s c o r d . g g / CODE (code is mandatory)
• Third-party invite shorteners dsc.gg/CODE and invite.gg/CODE

• Other invite hosts such as ptb.discord.com/invite or canary.discord.com/invite — the hardcoded patterns target the main domains only.
• Invites embedded in attachments, images, or OCR-readable screenshots.
• Invites inside message embeds (the trigger reads message content only).
• Vanity URLs that redirect through a generic shortener — a bit.ly link that redirects to a Discord invite is a job for Link Filter, not this rule.
• Your own server's invites — the filter matches any invite, including the one for the guild the rule lives in.
• The bare phrase discord.gg with no code after it. Educational mentions (“discord.gg is down”) do not fire.

Invite Filter has no configurable fields. The evaluator reads nothing from trigger_config — the 7 regex patterns are hardcoded at module scope. Leave trigger_config as {}.

The full pattern set covers:

• Plain domain plus code: discord.gg/CODE, discord.com/invite/CODE, discordapp.com/invite/CODE.
• Dotted obfuscation variants of the domain plus code.
• Spaced variants where whitespace is inserted around the dot and slash (discord . gg / CODE).
• Letter-spaced variants where every character is spaced out (d i s c o r d . g g / CODE). A code after the domain is required.
• Third-party invite shorteners: dsc.gg/CODE and invite.gg/CODE.

There is no trigger config to tune. Pair the rule with a sensible action and the right exemptions:

{
  "trigger_config": {},
  "action_type": "delete",
  "action_config": {
    "reason_text": "No external server invites"
  },
  "exempt_roles": ["<moderator-role-id>"],
  "exempt_channels": ["<partnerships-channel-id>"]
}

Run with Mode: Log Only for a few days. Watch the Event Log for false positives (your own vanity slug, staff posts), add the right exemptions, then flip to Live. Escalate from delete to warn or ban if drive-by advertisement spam is a live problem.

• Your own server's invite link inside a staff announcement — exempt that channel, or add your vanity slug to allowlist_words.
• Partner or affiliate servers posting invites in a dedicated advertise channel — add that channel to exempt_channels.
• Users linking to Discord's own support resources that happen to sit on discord.com — the patterns target /invite/CODE, so general support URLs will not match, but a legitimate invite pasted for context still will.
• Quoted invites inside a raid report (“they sent me discord.gg/scam”) — the filter has no concept of context. Exempt the report channel or your staff roles.

• Current behavior: the bare phrase discord.gg with no code does not trigger. Every one of the 7 patterns requires a /CODE tail. This is intentional — educational mentions like “discord.gg is down” used to fire the old letter-spaced pattern, and no longer do.
• Current behavior: there is no config field to whitelist your own server's invites. The filter matches any invite, including the guild's own. The workaround is to add your vanity slug to allowlist_words, or to exempt the channel where you post staff announcements.
• Current behavior: patterns are ASCII-only. Homoglyph attacks that swap in a Cyrillic “c” (disсord.gg/xyz) bypass the filter. Legitimate invites in that form are also unusable, but a determined evader can still slip one past.
• Current behavior: matched_pattern is the raw matched text. The full invite URL, including the code, is stored in the automod_events table and shown to staff viewing the Event Log. Treat the Event Log as privileged.
• Current behavior: the pattern list is hardcoded. Adding a new invite domain (for example, a future discord.new) requires a bot release. There is no admin-side way to extend the pattern set.
• Current behavior: the regex timeout is 50ms per pattern. With 7 patterns, a pathological input could spend up to roughly 350ms inside this rule before it returns. Each pattern is timed independently; an exception or timeout in one pattern is swallowed silently and the others still run.
• Current behavior: allowlist_words short-circuits the rule. If any allowlist word appears anywhere in the message (substring-matched, lowercase), the rule is skipped entirely — useful for whitelisting your own vanity URL slug, but a short entry can accidentally whitelist more than you expect.

Pair this trigger with any of the five AutoMod actions. The most common pairings are delete with a friendly reason for new users, and ban with discord_ban: true for raid or advertisement spam.

• Word Filter — the other built-in content-match trigger. Use for slurs, banned phrases, and server-specific keywords.
• Link Filter — domain-allowlist / blocklist trigger. Catches generic shorteners and scam URLs that do not match an invite pattern.
• Regex Filter — write your own patterns when the hardcoded invite set is not enough (for example, a new invite host that is not yet in the built-in list).
• AutoMod Actions — reference for the five action types you can pair with this trigger.