Are anti-exploits worth buying?

How much would you guys pay for anti-exploit scripts for your game, and what are the most effective?

0, none.
There is literally nothing they can do to help you aside from delete some of the “common” script injections or monitor your game in circumventable or loose ways (leading to false bans). There’s a lot of reasons why exploiting is possible and there is a wide variety of exploiting methods and concepts. It’s best to just secure your own game so it is less exploitable than throwing in a random script and hoping the game is safe (same mistake that REAL games do when adding EasyAntiCheat and ignoring literally everything assuming EAC will take care of it). The “anti-exploit” magic scripts are about as believable as anti-lag scripts and real moderation / actual game security is always better (i.e. making your remote events have sanity checks).

Just like @Wunder_Wulfe beautifully said, if you create or buy an anti-exploit, exploiters will be able to get a way around it, and still do their thing. It’s impossible to absolutely patch exploits completely.

I’ve recently got people to be able to use speeding and no-clip exploits, even people who can just lag my game and “dox” it completely

Speed and noclip can be done by directly manipulating memory or properties and so there can be literally no way to prevent this unless roblox does memory checks or you yourself add some checks to see if they are travelling really long distances in insane amounts of time or floating in the air for too long and killing them or something. The main crutch is having to do most of these on the Server’s side (which doesnt get that much accurate information replicated) as they could potentially just delete any anti-exploit scripts locally.

No.

Just never trust the client, maybe implement some extra checks, and you’re done.

Anyone trying to sell you an ‘anti exploit’ is a conman.

Exploiter’s will eventually work around an anti-exploit, in my opinion you should not buy one encase someone does bypass it, meaning you would have wasted money on something that isn’t currently working.

I don’t see a point of buying a anti-exploit system, eventually exploiters will bypass the system.

It’s not as simple as saying to just “not trust the client”. Perfect is the enemy of good, and I say this to the people who suggest doing nothing additional just because you cannot completely stop some categories of exploits.

To answer the original question, it depends. You’d be better off programming characters that the server has authority over, rather than the client. The anti-exploits you’d buy would probably only use heuristic checks for this.

Anti-exploit services which protect against exploits that there’s no way of patching would be much more valuable, but you should consider that as it becomes more popular, it becomes a bigger target. Solutions specific to your game will be superior, but you may find that it’s not worth the development time.

So how do big games such as Jail-break and adopt me cope with this system? most problems game owners have these days are exploiters shutting down servers or known as doxing them.

I’m not sure what you’re referring to. Are you talking about DOS attacks on game servers? If so, there wouldn’t be a way for you to prevent that. Games with many servers would be harder to take down, and more likely for Roblox to notice, while unpopular games would be much easier to seriously hurt.

You could also be talking about something else, I don’t know.

@Raviates Yes that’s what I meant, game owners suffer a lot from random people crashing servers and ruining gameplay.

The best thing you can do is to post in the Feedback section about your issues to prompt Roblox to improve its DOS protection. I should’ve been more specific, if this is a standard network flooding DOS attack, there’s nothing you as a developer can do…

Since unpopular games are less likely to get attention from Roblox, a feedback thread could show how many developers are impacted by this, and the totality of their experiences could convince Roblox to take action they might not do for you alone.

It’s also possible exploiters are performing a DOS attack through a bug in Roblox that makes it trivial to do, and you could try to identify this method and report it.

Buying? Not really. You might as well just go through with the effort and make a system that suits your needs, and learn from your mistakes. Plus, for every problem there is a solution. Exploiters will find some way, some how, some exploit.

This isn’t good advice, see my first reply.

Unpopular opinion: do what you want.

If you’re not a programmer and exploiting is an issue - yeah maybe go for it. If you think you can find an anti-exploit that’s pretty solid and would help in your game, then feel free to go with it. Alternatively, if you want to hire a programmer to tighten up your security - also feel free to go with it. If it works, it works.

The best case scenario is obviously you being a proficient enough programmer to design your own exploit prevention systems, secure your game, etc. but that’s not necessarily realistic. You may have little to no programming experience (or just not a lot of experience in exploit defense) and thus, anti-exploits might be an attractive solution.

Always consider your options at hand, but at the same time go with whatever floats your boat. There is no right answer, and most people are just assuming that the anti-exploit scripts you reference are very basic. It is possible to find a pretty solid script that will do the job just fine in a lot of cases.

@https_KingPie Would you be for hire?

I’m not available at the moment, sorry! D:

It’s really not that simple. A secure game does not mean just inserting a script. Security is an emergent property of software that is programmed well, with all scenarios carefully thought through. Every aspect of your game, anything you add or modify, has the potential to be used in a way you didn’t intend.

Is there a backdoor plugin I should use for my games?