So lets say a server script calls :FireClient(player, WhateverValue)
I know an exploiter can read this value, however can an exploiter also alter this value?
Also exploiters can not call FireClient themselves, Right?
Because currently all they have to do is fire the remote event with fireclient to bypass my system
FireClient() can only be called from a (server) script. Clients cannot use this method, neither for signaling other players nor for firing to themselves. All communication between players has to go by the server.
Once the server sends something to the client, the data and how it is handled flows out of the server’s control.
remoteEvent.OnClientEvent:Connect(function(WhateverValue)
-- Upon receiving, it is up to the client how the data is handled.
end)
So they can alter the data from the remote event?
In that sense, yes, they can. Client have a lot of power over their computers. Server simply sends the information, but it cannot directly control what the client does with it once it is received.
However, if you write your code so that the server always remains the ultimate authority and doesn’t directly trust the clients, you will be fine 
Alright thank you for the help! 
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.