Exploiter proof safe zone?

That the basics, at least not constant looping. I do realize, in one of my posts above, that I can simply start looping on the server once a player is in a zone, but not before.

My resitance to using Zone+ is several thing, I dont want HDadmin in my game, it is required to use Zone+.

I just grabbed the module and right here, the code will yield unless HDadmin is in the game

local HDAdmin = replicatedStorage:WaitForChild("HDAdmin")
local Signal = require(HDAdmin:WaitForChild("Signal"))
local Maid = require(HDAdmin:WaitForChild("Maid"))

This is not acceptable for me. A simple module for checking zones for a player should not require an entire admin system and new maids that are redundant for me. If I need to rewrite the thing, why not just write my own?

1 Like

Then delete the line, the script won’t yield.

I took a look at the code, it creates a folder named HD admin but does not install HD admin into the game. Read the whole thing before you start making assumptions.

2 Likes

lol are you even serious now?

the line requiring HDAdmin is then required for the sfollowing 2 lines Signal and Maid, which are then used throughout the functions, including the main constructor. You cant simply delete the line.

-- CONSTRUCTOR
function Zone.new(group, additionalHeight)
	local self = {}
	setmetatable(self, Zone)
	
	local maid = Maid.new()
	self._maid = maid
	self._updateConnections = Maid.new()
	self.autoUpdate = true
	self.respectUpdateQueue = true
	self.group = group
	self.additionalHeight = additionalHeight or 0
	self.previousPlayers = {}
	self.playerAdded = maid:give(Signal.new())
	self.playerRemoving = maid:give(Signal.new())
	self.updated = maid:give(Signal.new())
	self.zoneId = httpService:GenerateGUID()
	
	self:update()
	
	return self
end

Here’s some alternative solutions I’ve thought of, they may not be the best but hopefully one of these can give you an idea or help you in some way.

> I’m assuming your using some sort of sword etc… So I suggest checking the players health if they get attacked or are attacking.

> Once a player enters the safe zone it wouldn’t allow them to do anything as you said. But if a player somehow is attacked etc… whilst they have invincibility then it’d alert the server. Not the best way

> If the player leaves the boundaries then it’ll send them straight back in if they somehow still have invincibility. An exploiter could teleport out the zone. Yes but you could try and make a script to counter that. If the player suddenly moves to one position to another in a small amount of time it’d alert the server. That’d cover long range teleporting. If the player moves positions but there humanoid magnitude or walk magnitude (I forgot what its called) is nil then it’ll alert the server. But still, that does require a loop and might not be the best.

Then it clearly requries dependencies that are inside of the maid. If you want to recreate the entire module and its methods when it’s readily available for anyone to use, go ahead.

Use collection service to tag some parts and then raycast down from the player every .Stepped to check if it hits a tagged part. You can also use coordinates if your area is a square. But as others have said, Zone+ is still a good option and you can remove the HD Admin portion of it with 5 minutes of work.

3 Likes

I don’t see that in the code anywhere. Signal and Maid are both required in the constructor method. Without HDAdmin installed, where are these modules?

-- CONSTRUCTOR
function Zone.new(group, additionalHeight)
	local self = {}
	setmetatable(self, Zone)
	
	local maid = Maid.new()
	self._maid = maid
	self._updateConnections = Maid.new()
	self.autoUpdate = true
	self.respectUpdateQueue = true
	self.group = group
	self.additionalHeight = additionalHeight or 0
	self.previousPlayers = {}
	self.playerAdded = maid:give(Signal.new())
	self.playerRemoving = maid:give(Signal.new())
	self.updated = maid:give(Signal.new())
	self.zoneId = httpService:GenerateGUID()
	
	self:update()
	
	return self
end

Zone+ imports the needed modules and puts them under a folder caled “HD Admin”, it does not add HD Admin.

2 Likes

have you taken all the HDAdmin, Signal and Maid module requirements out of Zone+ and had it work?

Yes, I use it in my own game. Just take the modules needed and edit the code to make it compatiable with your method.

2 Likes

I guess I am back to the start, i have to re-write Zone+ to meet my needs, which essentially is doing the same thing as me, but with the added raycasting (which I dont need)

The raycasting isn’t even that performance heavy, and it’s needed for more complex areas.

2 Likes

This statement literally contradicts itself.

If you’re rewriting Zone+ to add something you don’t need, why are you doing it at all? Clearly you do need Zone+ and that’s not a bad thing. It’s stubbornness like this and the refusal to learn from other resources that leads to the failure of a project.

4 Likes

What are you even saying, I am trying to AVOID using Zone+

Im not being stubborn, I wanted to write my own code. If you like using Zone+ then GREAT! Your suggestions are appreciated but beyond that, I am asking for help on writing my own code in this thread.

If you want to create your own solution consider my raycasting approach.

4 Likes

I do get your method of verifying to the server the position of the client. However, I want you to consider the advantages and disadvantages of letting the client tell their position to the server.

We are stating suggestions on what you could change to make your issue free from danger, which is:

an exploiter can simply head in to a safe zone, grab the status legitimately, then never send any reports to the server letting it know it left, thereby keeping the invulnerability as long as they want.

Based on my experience handling things on the server, Raycast and RunService are probably efficient.

You can use Raycast by 1 studs to check if the filtered instances, which is the Zone part, has gotten hit by the ray. You can use @Tom_atoes’s suggestion, which is using CollectionService, to get a table containing all Zone parts.

As for looping, you can either loop for 0.5 seconds or use RunService.Heartbeat.

Heartbeat fires every frame, after the physics simulation has complete.

If you still disregard my suggestion, that’s fine. However, our suggestions are already running out. Either you have to rely on the server or let the exploiters spoof it.

1 Like

I didn’t read the whole thread so I apologise if someone already suggested it, but why not validate on the server?

When the player enters the safe zone on the client, fire a remote to the server which will check their position and verify that they are actually in it.

1 Like

Because then malicious actors could enter a zone, leave it, and never tell the server they’ve left it, resulting in the “perks” of that zone (ex. god mode) being kept everywhere, as OP stated in their post.

1 Like

I opted for checks on the server only for the removing event. This looped check only happens after a player has been confirmed by the server to enter a zone, it then starts the loop and continues to check when they leave, it then removes the benefits of being in the zone and ends the looped check.

Therefore the server is only looping when the player is in a zone, otherwise its does nothing.

I appreciate everyone’s responses here, thank you to all. I also would like to apologize for my grumpy and rude responses further up in the thread.