Game security code


Oh, so it was a plugin :smile:

Edit: where can i find that plugin, is it in roblox? found it

1 Like

no a website that is freely available online

1 Like

The OP thought that heavily spacing out and indenting the code would make it harder for an exploiter/hacker to unravel and bypass.

As has already been said, everything you script on the client is open to exploiters. All your exploiting countermeasures must be server-sided if they are actually to be secure.


You should note that exploiters don’t get a copy of your script. In fact, decompilers don’t have access to whitespace or comments. So, a decompiler will just spit out the logic in your code without any extra whitespace or weird comments.

Essentially, you made it harder for you to read without affecting readability for anyone else.


Alright so first of all making that to your code, will do nothing. All you have to do is to intend it and you got all the script just as it was before, please DO NOT intend it with random apps and things like others said since there’s a ROBLOX feature for that already.

Second thing is as I said doing that to your code won’t secure anything, I highly recommend using this obfuscator which is the best one you can find at the moment, it’s 100% free and easy to use.

Make sure before you obfuscate it you have a copy of the script since you won’t be able to get the script back unless you remake it.

EDIT: There’s also no reason to obfuscate it unless you’re “selling” the script and it’s important for it to not get leaked. And sorry if I mistyped anything I just woke up.

EDIT2: Don’t use while true do loops, they affect the performance very bad.

Don’t forget that Lua Decompilers included in exploits automatically beautify it.


I have another idea! We could put comment marks between the code!

Comments help you to organize your code properly, so basically you could write notes for functions to help you remember it later on in future.

How is that supposed to contribute to security though, I don’t get it.

Your coding isn’t more secured. It just makes your life harder bc you gotta keep scrolling 9999999 miles every time you find a bug or add a new line.

Here is what I mean:



1 Like

How is that supposed to improve security though…

The comment marks between the code is harder to beautify it

This is not true. Decompilers don’t preserve comments.

Please, for your own sanity and for the others involved, stop believing that making your code harder to work with means a computer will have a harder time parsing it. It simply is not the case. Obfuscation is never the answer.


Still though, an exploiter could just use a Decompiler also why do you even want to Secure your client side code, it is available to them by any way. And if it is for Server Sided, it doesn’t make sense because Clients aren’t able to access ServerStorage or ServerScriptService. So basically you will be making your life harder by doing that.


Then, what other ways to secure the code?
Are there no other ways of protecting it?

1 Like

From what are you trying to secure your code? Are you worried about people taking your intellectual property, or are you concerned about exploitation?

If you’re more specific with your needs, the community can give you more precise, valuable feedback.


Comments arent replicated to the client. Luau also removed the variable names and renamed them to v1, v2 and so on, so they already did more than enough.

There is no reason why you want to protect your clientsided code more. You should work on features instead. If you obfuscate your code you literally only create a hard time for yourself.

Oh, I didn’t know that behind the scenes Lua renamed the variables and comments are hidden away. Thanks for letting me know! I don’t know much about Lua itself. Now I’ve learned something new. Thanks for the amazing feedback. Have a wonderful day!

Actually. Behind the scenes when u play your game, Lua is compiled into bytecode. So u lose Whitespace, Variable names and other stuff. Exploiters use a Decompiler that tries to make Source code from the bytecode.