As the title suggests, you can delete most objects from your character and it will replicate to the server.
This is with FilteringEnabled on, too.
I can see how this might be allowed intentionally, but it causes a lot of issues when objects can be deleted from the server by an exploiter. In my game, I’ve found that exploiters are able to delete instances from their character that carry out certain statuses in order to avoid them.
EDIT Dec '19: This is a long-standing issue which isn’t likely to be fixed anytime soon so, if you’re reading this thread now, you should avoid placing instances in the character that can’t be reliably checked for deletion. Personally, I would recommend creating your own instance-less systems where you can control the replication and fine-tune it to your parameters.
One cheap solution for existing systems is to move the instances over to somewhere other than the character e.g. ReplicatedStorage.