You can stop speeding/jumping by checking if the change in the character’s position is legitimate on the server. It’s not easy since you have to make sure there are no false positives.
Thanks for the information. I will try to watch a tutorial if there.
Actually there arent scripts that bypasses the kick. You need to do the anti exploit at the server, using a server script (script).
Trying to avoid local scripts is a good idea but there are some times you will be needing them, so you use remote event or remote function that allows client and server communication, You do the most important checks and things in the server and not in the client since hackers can change local scripts.
Using scripts at server script storage is good, putting module scripts inside server script storage is also good.
So basically, try doing things in the server and TRY avoiding client. (When it isnt possible you use remote event or remote function). If you are using the remote event or remote function you should make the most important things in the server by passing the things you needed at the client to it.
(See more in Filtering Enabled.)
2 Likes
Actually no if the client removes the process altogether it won’t behave like a normal process which would signal ChildRemoved. They could shut it off and not a single script would know what is going on. Exploits don’t deal with scripts as objects, only as code that’s put into memory
Yes, but if the client locally changes their WalkSpeed, you can log their position then calculate their WalkSpeed based on the difference in distance/time. It won’t be as simple as looping through the humanoid and getting the walkspeed, but exploits are a very tricky process.
Basically, just give the client no control. Ideally you’d have an Authoritative Server Model but there hasn’t really been a smooth implementation of that in Roblox on a major scale.
2 Likes
Just make a script that check your players health/speed/jump power. Run an event so when the value is changed, it will check if the values are not the values they are supposed to be.
Just use an if statement:
Jumpower.Changed:Connect(function()
if Jumpower > 100 then
Player:Kick()
end
end)
Run this in a localscript so that if the values are not replicated, it will still detect they are exploiting.
An exploiter can easily delete that? Plus you’re only kicking them on the client.
Then fire a remote event and kick them on the server.
You could also make a script that always replicates the clients walk speeds and jump powers to the server. Then you can kick them on the server.
You aren’t fixing the problem of the local script being deleted though
The local script can still be deleted? It wouldn’t mean anything if it was deleted, thats why you shouldn’t do anti-cheats on the client, server should be handling it and doing sanity checks.
It might throw off the exploiter who is trying to find the anti exploit system.
Other than that I can’t think of anything else at the moment.
A better method would just be to look at the velocity and check if its too crazy. Or the last position compared to the current position.
You’d just find yourself in a hassle if you did it on the client.
It MIGHT, but you should never rely on possibilities to prevent these exploiters. Granted, you might catch a skid on their first run, but after the first kick, they are going back and deleting your script ASAP.
How would the clients walk speed replicate to the server without a method on the client side.
I can only think of one more method but it still involves one local script. Most of it would take place on the server.
I never said walkspeed replicates, the velocity on the otherhand will replicate and so will the position of the player. Do sanity checks on those and it should work fine.
Please for the love of meme dont use a local script for an anti-cheat.
You would have to save the player’s position, and do math to calculate how far they went in a matter of time, and if it is faster than the average 16 walk speed, you would handle them from there
I get what your saying.
You might also me able to use magnitude from a certain part and check if the magnitude is increasing by too much in one second.
Magnitude is basically just looking at the positions and comparing them as I said before. Dont do this on the client, server should be the one handling it, you can just keep a CharacterAdded event somewhere with a playeradded in ServerScriptsService and then check every few seconds or so.
Same goes for jumppower, speed, teleportation, mechanics, etc.
I guess that’s what it would take for a good anti cheat.
You could also use a method that is completely server sided and will reset the players walk speed to the desired repeatedly but there are two problems:
1: using a while true do to reset the speed will take up tons of memory.
2: This will not ban or kick the player. It will only prevent them from changing the speed which is fine also.
Never trust the client, everything you check should be checked on the server.
However there are limitations on what you are able to detect on the server rather than the client, as most of their changes doesn’t replicate: JumpPower, WalkSpeed, etc.
Your current script will not be efficient at all, the exploiter can disconnect your event, remove your script, and even cancel the :Kick() packet being sent to their client.