Currently working on a server sided anticheat.
The anticheat currently covers:
Flight Detection
Speed Detection
Teleportation Detection
Noclip Detection
Things I will try to bring to the anticheat:
ESP Detection
Aimbot Detection
Silent Aim Detection
Interaction Reach Detection
etc…
Feel free to copy the game and customize the anticheat to your liking. This is my first time ever creating a server sided anticheat, and dont complain about redundant code inside the script like trying to detect btools.
Commands you can use are:
!speed (speed)
!noclip
!bring
!btools (for the fun of it)
!nospeed (reset your speed)
!fly (flings you for some reason)
I would have included a server side executor but that is sadly against ROBLOX’s TOS.
If you want to playtest the game and review the anticheat, you can do here.
I am open for any feedback, including suggestions on how I can improve my anticheat.
When creating a server-side anticheat, you must keep in mind that physical factors are not very reliable, (how?) did you account for networking issues and other factors?
How will you detect ESP and other things only visible to the client?
I am trying to detect ESP by tracking movement of all players and raycasting where they are looking at. If a player is 1 wall away between the player and target, I can create raycast beams that will track where the player is looking at. Creating a margin (ex. 10 studs) we can assume the player is using ESP, now this is prone to false positives so we only flag it every (ex. 10 seconds) and if nothing has changed or the player is following the movement of the user, we can assume it is ESP.
Though, we can combine this with an client sided anticheat. The issue with this is, it is prone to getting deleted often or bypassed.
I did not yet account for physical factors as I myself have no way to test them. If you could suggest any way to test them, that would be greatly appreciated. I always aim to improve my system.
Many others have tried making server-side speed/teleport anticheats before, it’s pretty much impossible to minimize false flagging whilst keeping sensitivity at a decent level.
Okay so I have implemented a little fix that helps by countering this to a point. When you achieve an lag spike, a local script records how long you received that for and sends a remote event the message for how long the lag spike was. The anticheat script takes this in and is fine with that and lets you play. Though if the lag spike or your ping suddenly drops too quickly, the anticheat script will think it has something to do with teleportation as the localscript is too slow with the sending of the remoteevent. Possible solution to counteract this is implementing a delay, so the anticheat doesn’t run every heartbeat. More like every 10th heartbeat.
what stops an exploiter from abusing this remote event? I’d rather add rubberbanding (probably not the correct term usage), so whenever a player has a lag or is detected for teleporting just put him in the last place where he wasnt detected or lagging