This topic briefly describes exploit prevention measures.
This sentence was translated using Google Translate. If there is something wrong with the text, please DM me.
What is an exploit?
Roblox developers, anyone who has played Roblox for a long time will know.
Exploits make this possible:
- Teleport hack.
- Speed hack.
- No clip hack.
- Money farm.
What can do with an exploit?
Exploits can execute local scripts.
So you can change the WalkSpeed property of Humanoid.
But with that, All this can be prevented by program.
How to prevent?
1. Use magnitude to prevent Teleport hack and Speed hack
magnitude is a function of Vector3.
You can use magnitude to monitor the speed of the player.
function CheckTeleport() if HumanoidRootPart == nil then return Kick() end local PositionFirst = HumanoidRootPart.Position delay(1, function() local PositionSecond = HumanoidRootPart.Position if (PositionSecond - PositionFirst).magnitude >= 140 then return Kick() end end) end while wait() do CheckTeleport() end
I recommend creating this script for each player.
There is a point to note here.
Do not run this in a local script.
Local scripts can be deleted with an exploit.
2. Use anti-exploit for prevent noclip hack
But never insert anti-exploit from the toolbox!
The anti-exploit present in the toolbox is likely a backdoor.
Search on devforum and use the code you find.
3. don't misuse RemoteEvent (RemoteFunction) for prevent money farm
It is no exaggeration to say that all games use RemoteEvent.
However, there may be holes in this RemoteEvent.
--Server side code local AddMoneyEvent = Instance.new("RemoteEvent",game.ReplicatedStorage) --Create RemoteEvent AddMoneyEvent.Name = "AddMoney" AddMoneyEvent.OnServerEvent:Connect(function(Player) Player.leaderstats.Money.Value = Player.leaderstats.Money.Value + 100 --Add money to Player end)
--Client side code local MoneyBagClickDetector = workspace.MoneyBag.ClickDetector --MoneyBag is assumed to be created on the client side MoneyBagClickDetector.MouseClick:Connect(function() game.ReplicatedStorage.AddMoneyEvent:FireServer() end)
Don’t use code like this!
The exploiter can execute the client code.
The exploiter uses this code in this case:
for i=0,100 do game.ReplicatedStorage.AddMoneyEvent:FireServer() end
There are ways to prevent this.
- Measure the distance to the Money Bag.
- Check if the event is spammed.
- Issue an ID on the server side when the player joins the game, send the ID as an argument when sending an event, Kick if wrong (if possible)
I created this because the tutorial did not exist when I searched for exploit prevent in Devforum.
If you have any questions, feel free to reply.