Hello everyone, I’m doing an anti-cheat. It works like this: If a hacker is able to gain access to the Admin Panel, he will be kicked. But when I tested it on myself, deleting my UserId from the table, and dragging the admin panel to PlayerGui (For the test, I moved the Admin Panel to StarterGui), it didn’t kick me. Can you tell me what’s wrong? The script is server-side and inside the script is the admin panel itself. I will be grateful for your help
game.Players.PlayerAdded:Connect(function(player)
if table.find(IDS, player.UserId) then
script.AdminPanel:Clone().Parent = player:WaitForChild("PlayerGui")
elseif not table.find(IDS, player.UserId) and script.AdminPanel.Parent == player:WaitForChild("PlayerGui") or script.AdminPanel.Parent == player:WaitForChild("CoreGui") or script.AdminPanel:WaitForChild("FrameAdminButton").Visible == true or script.AdminPanel:WaitForChild("AdminPanelFrame").Visible == true then
player:Kick("Exploiteeeer")
else
script.AdminPanel:Destroy()
end
end)
Personally i don’t find it needed to take this route.
Why not place the Script with the GUI inside ServerScriptService?
I cannot make a screenshot right now but it should look like:
ServerScriptService
–AdminScriptHere > GUI Inside the AdminScript
Due to it being inside the ServerScriptService, exploiters cannot reach the AdminPanel by changing its parent. (Obviously you should protect the remotes being fired if there are any)
You could make the code look like this:
local IDS = {IDSHERE}
game.Players.PlayerAdded:Connect(function(player)
if table.find(IDS, player.UserId) then
script.AdminPanel:Clone().Parent = player:WaitForChild("PlayerGui")
end
end)
Server never won’t detect it because if the players moves it, it’s only on client side. The only thing u can do is check when an event fires from the admin panel and check the id. IF he using it without permission he gets banned or kicked. As example:
game.ReplicatedStorage.RemoteEvent.OnClientEvent:Connect(function(Player, action)
if not table.find(IDS, player.UserId) then Player:Kick() end
end)
Obviously you should worry about protecting your remotes that are being fired. Do if statements etc, But for the GUI copying, No. I don’t think (correct me if i’m wrong).
Due to the GUI being on the serverside and exploiters not being able to access other peoples PlayerGui. Your Admin panel cloning should be safe with the code i provided.
They can, if it’s placed serverside clients can see it too. But if you make the gui with serverscripts, they can copy the gui but the scripts won’t work for them unless it’s a client script.
Both of this is simply not true. Exploiters cannot see other players PlayerGuis since its not replicated.
They cannot view scripts inside ServerScriptService either, making it a safe place to store your GUI.
