Hello, my name is Kno_wledge and I am a fairly decent swordfighter and owner of a somewhat popular sword fighting game. I have recently noticed how easy it is for people to extend there hitboxes by simply resizing the handles from the client, or teleporting players… or making player hitboxes bigger. I’d like advice to help me patch this and attempt at limiting reach, I’d like to limit ping reach as well.
(In Testing) Current Solution: Create a region3 around the sword that’s 20x20 studs, for idle-damage I’d get all the parts that belong to a players character and check if it is within the bounding boxes of the swords hitbox. For lunge damage I’d do something similar, but it will only be activated when the player is lunging. Tell me if you’d think this solution is work, and it’d be great to hear any other solutions.
Try using magnitude checks on a server script before applying damage. That would maybe solve the extended hitboxes. You could also make it where a local script would constantly check the hitbox size and if the size was off the script would resize it to where it is supposed to be.
Exploiters can trigger touched events without changing the size, but also, you should use == for comparing vector3s since they usually get floating point errors
I appreciate your response but that can easily be bypassed, by simply replacing the script and firing the remote event… or people can teleport players to them or make the players hitbox bigger; I’m looking for a way to make server checks that stop exploiters from being able to change hitboxes and player positions from the client, and make it replicate to the server.
For more information; I am trying to prevent this entirely because my game is a game where if you kill someone your speed increases. Exploiters can easily exploit this and kill people with high speeds; while giving themselves higher speed. Client checks can work, but advanced exploiters can make scripts that bypass client checks and give the scripts to others.
You shouldn’t kick them. That’s the worst thing you can do due to ping and latency from the server.
Simply return end or skip the damage part if it’s above.
I’m having issues with reach exploiters currently, and I’m using the magnitude checking method. What did you set the magnitude to? I don’t want it to be too low and the player do no damage when they should have.
You should never do that, this will give the exploiters the ability to modify their reach to gain a slight advantage. Anything from 6-7 is very stable.
People with high ping is not an issue.
When doing what you suggest, there is barely any need for a reach check when you just remove that layer of protection.
Players with high ping will not be affected too much, just because they are close to their opponent on the client-side, doesn’t mean they should be able to hit them on the server-side.
12 or 13 studs is considered the average stud limit on the server-side in the sword fighting community. You can do 6-7 studs if you want to limit any latency reach.