I am aware that every anticheat can be bypassed but I want a good enough anticheat that is really hard to bypass.
I have tried remote name changing, firing remotes through a module with protection (along with remote changing) and it still seemed to be bypassed. I have looked on here for solutions but everyone’s answer seems to be “it’s not possible to make a good anticheat” and that is just not what I am looking for.
Almost any anticheat you make can be bypassed so this is one of the essentials. Never trust the client, always do checks on the server whenever a remote is fired to determine whether the client was supposed to be firing that event.
And yes, you might think lik oh thats not exactly reliable but the truth is scripters rarely deal with anti cheats, unless much later in devlopment. As a bonus, here is an execellent article on Exploiting.
To expand on Server Side Checks it’s important to know what is and is not server side. A often surprising remote event is all Touched connections. clients can fire a Touched event at any time for any object they please. The server needs to check distance on vital events for genres like capture the flag games.
If you posted more concrete examples of what your remote events are in charge of we could help with the specifics, otherwise we can only say do server side checks.
Be that as it may, if I have a remote event Give10_000Dollars:FireServer() and I don’t put a server side check on it it’s just as exploitable as GiveXDollars:FireServer(10_000). Passing arguments isn’t the problem it’s implicitly trusting the arguments that’s the problem.
Both inaccurate analogies of what I’m describing, if its existence was completely necessary it’d ideally be named ‘GiveDollars’, the server would then appropriately determine how many dollars to award.