First off, clientside checks are underrated. They’re a great way of catching a large portion of exploiters who are ill-experienced and are just using other people scripts, but they’re not, as you’ve said, by any means a full solution to the problem as they can be easily bypassed and workarounds will be quickly developed, especially for popular games.
I’ll run through each of your problems;
Anti inf-Ammo
This is an easy one! You can make an absolute fix for this by storing the amount of ammo a player has on the server, and not allowing the client any access to it. If this isn't currently the case you have a major problem with the networking of your guns.
Server Side Anti-WalkSpeed
For preventing speedhacking, WalkSpeed is generally a useless property to check. If an exploiter changes their WalkSpeed, the server cant see it, and most speedhacks don't even change the WalkSpeed property. Here, you're going to need to track the player's velocity changes over a period of time (server side) and try to recognise anomalies.
Anti Aimbot
Aimbot is a very difficult one to fix, and detection methods for this are nearly always going to have to be client sided, you’re going to have to do some research and/or think about fixes yourself, maybe someone else here knows a great way of stopping aimbot.
NoClip
Similar to WalkSpeed, you should track the player's position Server side, draw a raycast between them and check for objects that would obstruct the player. This is a really hard one to nail as players can of course walk around objects and so accidental false positives are common with this.
Above all, do not let anti-exploits intrude on the actions of normal players. Err on the side of caution, unless you’re 100% sure, always kick, don’t ban, and don’t kick unless you’re satisfied the player is exploiting. Anti exploits can become detrimental to your game if you start detecting the wrong people or run processing intensive checks that stop players on low end machines enjoying your game. Good luck!