I want to increase my client’s security for an admin system I am developing.
I’ve already implemented the ideas that I know which is making the localscript nil, hiding remotes and data, and stuff like that.
I came here, didn’t look as much.
Totally needless stuff. If you have an admin system which requires the use of RemoteEvents, the sole thing you need to do to lock the system down is verify who’s making the requests. If they’re not an admin, or of the rank that would invoke that RemoteEvent, it’s a surefire malicious request. Act upon it with a ban
1 Like
So basically if it’s a gui then check if the command(s) that are/is associated with the gui and player’s admin level are equal or the player’s level is greater then allow the request to go through, otherwise ban the client the fired the remote, correct?