Hey, I’ve made an Anticheat for kicking people from a game if they aren’t whitelisted, as it’s a testing place for testers and no one else, there’s a few issues though.
What do you want to achieve? I want to prevent hackers from teleporting to the place, and leaking things that aren’t released yet.
What is the issue? Kicking them out would work fine, but hackers can just hide the kick UI, remove the blur, and then use a freecam hack to view any new, unreleased content. They are disconnected from the server, but that doesn’t mean Roblox doesn’t already send them all the data they need to leak things.
What solutions have you tried so far? I was thinking about crashing their game, but even though they are exploiting and cheating their way into a testing place, I’m still not sure if that would be okay since I’ve heard intentionally lagging a device is against ToS. After a while I realized advanced hackers could just use the data sent on the network since the game has to replicate to the client, somewhere in your network, Roblox sends the game’s files to your client (excluding server sided script content, ServerStorage, etc).
If anyone has an idea on how I could prevent exploiters from getting into the testing place, it’d be greatly appreciated!
Hi. I think the safest way to prevent exploiters from leaking nee update is first, do not publish to test place unless necessary and two, make test place limited to friends only .
Would it do fine to have a place 1 that you have to join then a serverscript that sends the player(s) to place 2 so place 1 has nothing but a simple script while place 2 is the interesting place? As far as I am aware, unless you allow teleporting directly to other places then exploiters can’t get to any places except place 1 without a serversided script sends them to other places (place 2).
If you are paranoid about it somehow being possible then maybe have a datastore for players that have joined so if someone unexpected (exploiter) joins then atleast they cannot do it unnoticed
Also do you mean testing place as in another place apart of the game or another game/experience, since making a different game private seems it would fix the problem like YourLocalNoob said?
I don’t think having a testing place as another place within the same game as the non-testing place is a good idea in general as for testing you probably don’t want to share datastores etc anyways…
It doesn’t have any sense, because executors can’t work after player is kicked. Also, freecam is a script, so it can’t be executed too. Plus, once player is kicked, they can’t use any scripts, like hide the kicking screen and remove blur, and also the freecam one. Player is just fully disconnected from the game.
Do you need to have the test location be in the same Universe as the actual place?
If not, then you could create a group, set the join process to Approval only (I’m not sure the exact phrasing, but basically the one where you have to manually accept everyone who joins the group). Then, create a new universe within this new group, where you will upload the test place to. Within the Access Settings of the game, change the access type to Community Members.
This will make it so only those in the group have any access, and you can control who is in the group.
Before you publish the testing server, make sure all the unreleased content map’s parent is located at ServerStorage. Then add a script that waits for a few seconds before moving that unreleased content map’s parent into the workspace.
If you think hackers can still see the map; Well, no. It’s the ServerStorage, and hackers cannot see anything in ServerStorage because it’s only available to the server. Hackers exploit in the client.
Kicking the client only remove them from server for as long as they keep the client open on their pc they can still run stuff locally, like free cam and dex and copy map.