That really sucks, developers shouldn’t have to put up with this.
It’s not that developers shouldn’t have to put up with this, it’s a problem for all games because servers have to be able to tell the client where objects should be located and have the client render those objects. Since the client renders those objects using the information the server sent, exploiters just change that information. For example, properties of parts like position, color, collision, and size. And since the client side changed those properties, there’s no way the server can detect those change.
Due to local scripts running on the client, exploiters just remove that local script by calling :Destroy() and the server would not be able to detect this due to it being client-sided. This effectively renders it useless even if you have another local script setting the disabled property to false. Additionally, you cannot create new scripts with code contained in them because script.Source is plugin protected.
1 Like
Even banks with billions of dollars at stake need to put up with this. You just make sure that no client is able to directly manipulate critical data and you’re fine. If I go to my bank account and use inspect element to change my money to five trillion dollars, the bank knows that I don’t actually have five trillion dollars. That’s how exploit prevention works. The bank doesn’t have an anti-hack script, they just restrict what you’re authorized to do. That’s how your game should be designed.
And then your exploiter can teleport around, change his money, and delete the whole game if he wants and nobody would care. He would only change his money or delete the game for himself and everyone else can play like normal. Let the exploiters ruin their own game, let them use Inspect Element on their bank account page. It doesn’t make a difference.
2 Likes