AntiCheat Script (Local)

Okay, I transformed the LocalScript into a Script. Nothing seems wrong yet, but I will test it shortly.

local Players = game:GetService("Players")

local StarterGui = game:GetService("StarterGui")

local ReplicatedStorage = game:GetService("ReplicatedStorage")
local CheatEvent = ReplicatedStorage.CheatEvent

Players.PlayerAdded:Connect(function(Player)
	local Character = Player.Character
	local Humanoid = Character:WaitForChild("Humanoid")
	
	while wait(1) do
		-- Basic Exploits
		if Humanoid.WalkSpeed >= 17 then
			local reason = "WalkSpeed exceeds 16"
			CheatEvent:FireServer(reason)
			task.wait(1)
			Player:Kick("\nYou've been kicked from this server.\nReason: Potential Cheats\nIf there is a mistake, contact me on Roblox.")
		end 
		if Humanoid.JumpPower >= 51 then
			local reason = "Jump Power exceeds 50"
			CheatEvent:FireServer(reason)
			task.wait(1)
			Player:Kick("\nYou've been kicked from this server.\nReason: Potential Cheats\nIf there is a mistake, contact me on Roblox.")
		end
		if Humanoid.MaxHealth > 100 then
			local reason = "Extra Health"
			CheatEvent:FireServer(reason)
			task.wait(1)
			Player:Kick("\nYou've been kicked from this server.\nReason: Potential Cheats\nIf there is a mistake, contact me on Roblox.")
		end

		-- AntiFly
		if Character == false then continue end
		if Humanoid == false then continue end
		local HumanoidState = Humanoid:GetState()
		if HumanoidState == Enum.HumanoidStateType.PlatformStanding then
			local reason = "Flying"
			CheatEvent:FireServer(reason)
			task.wait(1)
			Player:Kick("\nYou've been kicked from this server.\nReason: Potential Cheats\nIf there is a mistake, contact me on Roblox.")
		end
	end
end)

UPDATE: WalkSpeed detection does work, so everything in here should be fine. Before anything, I’ve already tested everything inside of the LocalScript so I know if anything works or not before this.

What happens when the player just does teleport hacking and keeps the walkspeed the same? Also doesn’t the walkspeed only update locally when you do these types of hacks?

umm that doesnt work… because they change the walkspeed on client and the server shouldnt be able to detect the walkspeed

Exactly! thats what happens a server wont detect it if it changes on client

I’ll see what I can do for just teleporting.

Well I tested it, and your right. Do you have any ideas on how to fix it?

it isnt a matter of fix, u need to write ur own anti cheat, just checking for walkspeed wont do the trick, u gotta save the players position and when they change their position look for the distance and calculate the actual distance it wouldve taken if their walkspeed is 16 if the distance is more than the one u calculated then they might be exploiting or have high ping so u gotta also calculate the ping somehow

Alright, I’ll do that. Thanks for the reply.

No problem, if theres any more porblems than feel free to message me!

What do you mean? This guy is one of the smartest developers I’ve ever seen in my life, his way of not actually doing any research about ways of creating a decent anti-cheat, on top of that creating a whole thread about it, is amazing.

At this point, that is just sarcasm.

Here is a good post about what exploits can and can’t do, and what you can do to prevent them.

I also advise you to learn the client and server relationship, and how replication works.

If you’re starting out focus on server sided anti-cheats as they are easier and require less maintenance, after you can try client sided anti-cheats.

Just make sure you configure them correctly, also the Humanoid.MaxHealth and Humanoid.Health don’t replicate to the server which means exploiters cannot change these values.

Let’s all be honest though it could still catch someone, if they were to just change their Walk Speed they’d get detected - regardless of if they were to notice the script later in the future.

Same concept phishing attacks use, even if you’re aware of them you can still be susceptible to them as most links that you get sent aren’t malicious… right .

Anyone who knows what they’re doing though will bypass this instantly, as anything done on the client can’t be trusted.

Why don’t you use humanoid events such as HealthChanged or state changed to check its properties instead of having a while loop to do everything?

I agree with Xofail. For these sorts of detections, they can be easily server-sided (since they’re physics-based), so you can use the resources and other popular anti-cheats in the resources category of the DevForum.

These will never pass because if a value doesn’t exist, it’s nil. (nil =/= false).

Not to mention that exploiters can hook your indexing here to make it return false values.

(Plus, don’t use PlayerAdded here on the client; it’ll hook to every player that joins afterwards, and if someone is exploiting, it will fire you (the non cheater), to the server and you’ll be kicked). Also, exploiters can hook your RemoteEvent:FireServer() call

Sorry if I haven’t been responding for most. But, I do appreciate all of the help & feedback. I am working on the server-sided script while also researching each part can do.

I’ve settled to find an AntiCheat script off of the Creator Store. Thanks to everyone who gave suggestions and feedback about my script.

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.