Every game that is popular, like frappe, are big HUGE targets for exploiters and hackers. Like, they almost come in every day to just troll players and most importantly, admins. Admins can ban exploiters but they come back with a alt.
So i’m asking you developers, what’s a great way to stop exploiters from coming into my or someone else’s game popular without exploiters ruining the fun?
You should add an account age requirement if this becomes an issue
If you wish to stop exploiters, just make your game have as few vulnerabilities as possible. If your game is popular, you cannot get rid of exploiters completely.
But you can mitigate them with best practice security.
Server Validation: Validate requests/data from client calls, this is quite simple (in most cases) and is a very strong security method.
Session Locking: If you have session sensitive data (in most cases involving a trading system) you will want to write/use a data library with session locking behaviors (i.e. ProfileService)
RemoteFunction common sense: Don’t trust the client to return complex values, in ideal cases, don’t trust OnClientInvoke for RemoteFunctions at all since exploiters will generally be able to instigate an infinite yield case which will forever pause your server runner. :InvokeClient() should be used with utter caution if not familiar with methods to mitigate its known issues.
Exploiters can and will use your own client’s code to exploit your game. Decompilation is commonplace and shows simply how much access exploiters truly have to the client. They get a roughly rebuilt script that can easily show them how your remote parameters are structured, as well as anticheat methods on the client (Not secure, server is ideal for anticheat implementations.)
That’s all for now, but you should get the general idea. Common sense is important for devs, and it’s unfortunately a dying knowledge.
Have script that kicks someone out if their account age is under 30 days (or more if you prefer). It is very simple, just make a LocalScript inside StarterGui that looks like this:
local player = game.Players.LocalPlayer
if player.AccountAge < 30 then
player:Kick("Your account age has to be 30 days or older to play this.")
end
That is probably the simplest way to prevent exploiters from creating new accounts. You can also create an exploit detection script, but that is out of my knowledge.
Most exploiters uses accounts that have been generated years ago using how IRL names are.
This would stop effectively some of them as they wouldn’t know about it
(Mostly the average youtube users)
But for those that knows a bit more, that won’t stop anything.
I’m not saying this will stop exploiters by any means, I’m just saying this is a very simple way to slow them down.
And if you have people moderating the game, exploiters can get banned fast, especially if you have a report system in place for your game.
Plus exploiters aren’t even that easy to encounter, it’s not like everyone you see in games like Frappe are exploiters.
It’s better to have a slight solution than to not have one at all.
I would move this to a server script, as this is in the client, they could just delete this script
Yep because they can easily put a script who hooks the function Kick also a good practice to deal with exploiters is crashing them with a while true do
This is not worth it; it won’t stop exploiters and will prevent many regular players from entering your game.
It depends on what kind of game it is, if it’s like jailbreak it could be problematical but a cafe game with it shouldn’t be too bad
In addition to @j4kzon suggestion of an account age limit (which is very effective, even though some others claim it prevents new users from joining I believe that is an unrealistic scenario), a vote kick system should also be implemented.
No, they can just delete the while true do script.
Instead this should be done serverside
game:GetService("Players").PlayerAdded:Connect(function(player)
if player.AccountAge < 30 then
player:Kick("Your account age has to be 30 days or older to play this.")
end
end)
Then they also can’t hook onto the Kick function
This prevents new roblox users from joining your game, it does not prevent hackers. There’s a chance it could prevent alt accounts but they most likely have alt accounts that exist already.
This really doesnt help at all, To be honest.
sometimes really new players (not an hacker) would want to join your game , and then boom!
You have been kicked. (Your account must be – days old to play.)
a roblox game without hackers or exploiters is impossible, but preventing them from doing damage is possible! (Moderation)
The script will just kick them out before they can even inject their exploits.
Vote kick system is a good idea. I don’t know how that would be made though.
Some exploits have an auto-attach feature, which connects to roblox before even most corescripts run. On top of that, they can auto-execute a specific script when attached.
Byfron is coming to Roblox soon, so hopefully that stops most exploiters.
Lets hope it actually does something
It’s used in other popular games (I think it’s in Fortnite if I remember correctly), so I’m sure it’ll work lol