My server security checks rely on checking for tags in parts, of course I already have some other checks I do beforehand, but my main question is can exploiters send over an instance with a ‘fake’ tag on it and then if I check the tag on the server will the server still think that it’s a real tag?
1 Like
If your security checks are on the server, exploiters won’t be able to conflict with anything.
2 Likes
No they cant. They only change client behavior not server.
1 Like
They can add tags to objects on the client side, so if you are checking for tags on the client side, they can add a tag to another object in the client and it will be detected by that client script.
1 Like