Exploiter proof safe zone?

Help and Feedback Scripting Support
#1

I put together a little safe zone module for myself where the CLIENT loops every 1 second and does Region3 checks to see what zone it might be in. Then if it finds itself in a zone, it sends a remote to the SERVER for verification. If the server can confirm that, it will apply a state to the player giving them invulnerability to any attack, a powerful thing to have! (if your not actually in a safe zone)

When the player leaves the zones, it also sends a remote to the server letting it know it left, server makes the checks again, and removes the state as needed.

Now here is the issue, an exploiter can simply head in to a safe zone, grab the status legitimately, then never send any reports to the server letting it know it left, thereby keeping the invulnerability as long as they want.

I wanted to avoid any looping checks on the server, yet I am now thinking I must do that or else face exploiting players pretty quickly.

Is there any other way? Has someone done this sort of thing before? Perhaps I could run a less frequent check to see fi they are actually still in the zone? Any advice would be very helpful :slight_smile:

THANKS!

#2

Why not check their actual Position server-only instead of firing a remote?

3 Likes
#3

this would put unnecessary load on the server. Such frequent check of Region3 would certainly cause server-lag.

#4

Not necessarily about Region3, also:

That is already extremely unoptimized.

#5

Best way I can think of is using a .Touched event then.

1 Like
#6

not really. The individual client is looping once per second on their own machine. This should be perfectly fine.

#7

Why would I use a Touched event? Region3 is more reliable. Touched is also very unreliable in many way for such things. Not sure what you mean by this being better.

#8

Low-end machines will crash quickly, or won’t loop properly and exploiters could take advantage of it.

.Touched is probably your best bet like @Hydration217 said.

#9

any client, even a old phone should be able to handle MANY 1 second loops. There are constant checks of all sorts happening. The client machine is much more capable of handling these things than the server.

#10

Consider using Zone+ to make the checks server-sided only.

5 Likes
#11

thanks but Zone+ is not open-source. Forcing us to require an ID and not allowing us to see the code. I will not run any code like that in my game.

Additionally, its not any more efficient than my system.

#12

It is heavily optimized and likely more efficient than your system.

Also, please actually look at the module before making assumptions about it. It is indeed open sourced: Zone+ - Roblox

4 Likes
#14

When people say “.Touched is bad” it doesn’t mean for every context. Region3 is unreliable as well (given it’s based on a 4 stud voxels) and looping a region3 for multiple zones will be much more demanding than .Touched.

But I would recommend Zone+ since you’re refusing to use it. It’s an open source module unless you can show me a certified patent showing me you can’t access the API

5 Likes
#15

I may be wrong about Zone+ being open source, the install instruction show it doing a require on an ID and I didn’t check that.

However it does rely on HD admin and HD maid and HD signal which I dont want.

from the source code:

local HDAdmin = replicatedStorage:WaitForChild("HDAdmin")
local Signal = require(HDAdmin:WaitForChild("Signal"))
local Maid = require(HDAdmin:WaitForChild("Maid"))

I don’t see how Zone+ could be more otimized than my system, it include features that I do not need for my game at all. My zones are simple region3 checks without any raycasts (I don’t need rotated zones or weird shapes).

#16

Why are you asking for help if you are so convinced your method is the best method?

6 Likes
#17

You don’t need to have HD Admin in your game to use Zone+.

Also, the raycasting method Zone+ uses is as optimized as can be. You don’t have to use any other features that it has if you don’t want to.

#18

this was never an attack on Zone+. I don’t need raycasts added to my Region3 checks, regardless of how optimized they are. I am not checking irregular shapes.

#19

im askign for help on my own issue, not asking for suggestions on third-party modules. I thought that was clear in my OP, do I need to edit the OP to be more clear?

#20

You said:

We are giving you other ways but you are refusing them. I’m not sure what else we can do.

3 Likes
#21

There’s not much you can do, your system is flawed in that it’s relying on the client for information.

You either have to go back to the drawing board or use Zone+ if you want to be exploiter proof.