Exploit Protection

What is the best way on how to protect your game from any unwanted exploiters?

1 Like

Make sure everything Is Filtering enabled if it eg don’t let the client handle giving money or it is easy to exploit.

Wow thank you for the feedback I really appreciate it man.

“Filtering enabled” is an archaic term now, all games have this setting on. Games are just games now. There is no such thing as an “FE game”.

And it’s not just a matter of that.

Rule #1: don’t trust the client
Rule #2: DO NOT trust the client
Rule #3: NEVER trust the client

6 Likes

I don’t think its fair to Never trust the client, in scenarios where it won’t really have an impact on the economy / other players its fine to trust the client a little.

2 Likes

Yeah for that, but for vital stuff like currency it is best for server to handle that. For network ownership stuff it would be a good idea to let the client handle it.

1 Like

Interesting, thank you all.

Make sure to put sanity checks in your server side code. For example, let’s say a player requests to pick up an item and the server is processing it. The first thing I would check is to see if the item they are wanting to pick up actually exists. After checking for that, is the player near the item they want to pick up? If so, do they have enough inventory space to pick up this item? Different sanity checks will be needed for different things. Though, I do check if they are near an item / check if the item exists often. If any of these checks failed, there is a chance that the client is firing the remote event.

Exploits like players teleporting and making their characters go faster is a harder issue but not impossible to fix. You could keep track of player positions and see if they got to a place faster than it’s possible. You would have to be careful with this though due to lag and glitches.

I think the biggest thing you need to focus on to protect your game integrity are sanity checks and testing for edge cases. A player teleporting around isn’t a huge issue in every game if it doesn’t effect the game or other players. I would also say to trust the client with only visual effects and GUIs.

2 Likes

This link is a great overview on exploiting, and how to prevent it.

1 Like

Don’t trust the client. Try to run things on the server where possible; rather than the client.

You could also try to obfuscate some of your code, but try not to use this as your only strategy.

You could also try to obfuscate some of your code, but try not to use this as your only strategy.

This is just a little obstacle that can be hopped over in a matter of 5 minutes (or even less). I wouldn’t rely on them even just a little bit because the work will ultimately be done for nothing.

It can’t be hopped over in a matter of 5 minutes, if you use a good obfuscator, such as Ironbrew.

It doesn’t matter how “good” of an obfuscator you use. It won’t take too long for the Client to debunk that chunk in no time. Even the most popular games do this and are still exploitable (like Jailbreak).

The fact of the matter is, you can’t prevent every exploit. And you shouldn’t be solely relying on some obfuscator to save your troubles.