IP bans are a good idea in theory but terrible in practice.
If the network they are on is shared, you’re not just banning them, you’re banning other people on their network. Imagine if they were playing at school. Worse yet, what if they’re on an ISPs subnet?
Not everybody has a static IP address which means in some cases this is entirely redundant.
What stops them from joining your game on another network?
If a user is harassing your user base and yourself it sounds like you should be taking advantage of the Roblox report system and not attempting to ban them from your game. Furthermore, you’ve suggested a system that requires manually banning your players, this doesn’t scale well at all…
If there were any sort of IP banning implemented it should be on Roblox’s end and not ours.
While HWID is a significant improvement it still doesn’t take into account users that share a workstation.
Regardless, this should be handled by Roblox and not developers directly.
Let’s assume I really enjoy playing this game but the developer is not the most proficient scripter. They design an anti-exploit system which penalizes exploiters quite heavily. It turns out their anti-exploit actually throws false positives for high ping players. One day I’ve got a really poor connection, and suddenly I’m banned.
Now imagine that three of my five favorite games to play on Roblox share that anti-exploit system… What is the likelihood I continue to play on the platform?
I am not saying that banning is never the solution, just that it should only be done in the most extreme cases, and consistent across the entire platform. Moreover most of the problems users have discussed in this thread can be overcome through other means.
In regards to AAA games, bans are used to deter a certain player from repeating their actions, not to improve the experience of other players. Your game should be designed to stop exploits reaching other players in the first place so that other users never have a bad experience.
The harsh reality is a system like this would do more damage to Roblox and developers who use it than to exploiters themselves.
I feel that this is a bad idea, and the problem presented can be solved in other ways which are better for the users and the developers.
Security:
A hacker will easily be able to circumvent the ban by switching accounts and masking their ip. You should rather focus on using FilteringEnabled and ensuring that all your events are secure.
Trolls:
This is a task for the Roblox Report System. Contrary to popular belief it does work and is very useful. If you want to keep trolls from your game then I would suggest a vote kick system.
As other people have mentioned there is also the possibility of a script error or a rogue developer banning thousands of players from your game. It’s for a similar reason that DataStores can’t be deleted.
Currently a game I work at has a banning system, to immediately stop users who are bypassing the filter, being obnoxious to other players or otherwise engaging in rulebreaking activities, with a bit of a log so far.
As mentioned by other users in this thread, making a BanService isn’t quite the ideal way - banning players tells them they’re banned, and they’ll know they can bypass this by using an alternative account - if they can’t do that, they can tarnish the game and harass the developers and game staff for banning them.
The better solution, as I see it, is to make a shadowbanning system - this can’t just be a one-solution-fits-all, though, as you have to make sure your features, chat, etc. doesn’t break, and that the target of the shadowban won’t be able to notice that they’re shadowbanned - only that other players cannot see, interact with or receive messages by the target user.
The owner of the game should then unban everyone if he knows a lot of false positives occured. Roblox could also make a limit to how long we can ban someone for if that really is a problem.
@AlgyLacey the report system does work, but when the trolling isn’t as prominent, or it involves actions and not words then it rarely works. In my case, the person/people who werre harassing me were threatening to leak my game and were joining it and actually stealing the map and some of the scripts. I emailed Roblox and I don’t remember exactly what I was told, but nothing happened to the exploiter because they weren’t being obvious about it on Roblox and even though I provided proof and messages of them leaking my map they probably didn’t do anything since it was uploaded outside of Roblox. If there was an IP or HWID ban system, I could just ban them from my games and they would have a much harder time trying to steal it.
Hackers with enough knowledge to steal a game will be able to avoid the IP ban, or they will just use a different computer to steal the game. You can’t track someone who joins the game once on a different computer and an alt account; they’ll steal your game and can do whatever they want and you won’t know a thing about it.
We should rather be talking about how to stop them stealing the game in the first place, although this is nearly impossible since a the geometry and local scripts must be downloaded to the client anyway so they can play the game.
Obviously, I’m not saying that it would prevent them from doing it, but it would make it much harder to do if I banned them at the right moment since most exploits are also tied to HWID.
The issue here is that someone could exploit every single server they join, every single day, admit it in the server chat, being reported dozens of times, and at the end of the day still won’t be moderated. The report abuse button doesn’t help game developers defeat cheaters.
I’m not saying that I support or do not support the topic here, but as far as combatting cheaters, we can not rely on Roblox for any assistance.
