I have heard that remote functions are vulnerable to being exploited. I was wondering if anyone can tell me how I can improve my coding practices to prevent this?
2 Likes
Here are some good resources
1 Like
Client → Server → Client remote functions (OnServerInvoke) aren’t more exploitable than a regular remote event, and Server → Client → Server remote functions (OnClientEvent) are just a very bad idea because the exploiter can replace the callback with their own.
So, just don’t invoke remote functions from the server and add sanity checks, and you should be fine.