How I make a Admin Script? Part 2

i think the best way is using serverstorage because in one post exploiters cant access serverstorage
So no need 100 folders

i will try using HTTPService and datastoreservice

What site should i use from google? @oofdog4526

sites.google.com or something

char

Hey @zrax_rb what site should i use for ban player and store the data in the site?

ah yes, let’s store data on google sites. To actually do so, you’d have to go out of your way to code the website yourself. Google sites is not the way to do something like this. If you want to store data offsite, like bans, you can use FireBase with @ShaneSloth’s Robase module. OR you could put this data on google sheets and any time you ban someone, you send a POST request to post this data then any time the player joins, you send a GET request to get this data and see if the player is banned. But this is very tedious and a lot harder than just using firebase. But you could just use datastores, there’s no need to put it offsite tbh

ok so no HTTPService because i cant not violate the TOS of roblox?

Datastores security be like:

yeah it sucks

it’s not a violation of TOS, but you just can’t store data on Google Sites. Not possible

and that’s all you got from what i said lmao.

Before you solve this problem of how to ban exploiters, have you considered if this is actually a problem for you? Do you have a popular game that is being exploited?

From what I see you’re attempting to do, it doesn’t make much sense to me. If someone was exploiting, they wouldn’t likely be using your admin tools that you made. And even if they were, they’d probably be adding that after they join, not before, so checking ‘playeradded’ won’t be useful.

In other words, if you want to learn how to make your own admin script, I’d suggest moving on with making some commands that actually do something useful for you and not get hung up on making it bullet proof from exploiters.

1 Like

i dont have a popular game being exploited, i dont want my game be exploited because a small exploit to a big problem so i want to prevent that from happening in the future.

I get that, but you could worry about securing the script after you make a useful script. That’s just he way I would want to do it. Get the basics down before you try to tackle advanced topics? That my opinion, do what you like. :slight_smile:

If your script that is handling the events generated by your admin gui is checking the admin list there is no reason to care if an exploiter has cloned your admin gui.

That does not change the security at all… You can literally use this to bypass that…

for i,v in pairs(MainFolder:GetDescendants()) do
 if v.Name == "Example" and v:IsA("Example") then
  --Code Here
 end
end

I’m gonna make 2 scripts, which one the scripts have a folder with the player userid and name
and the other script is gonna store the data
(also the folder is gonna be in serverstorage because exploiters cant access that)

Hey, (late to the party but) what’s inside the Ranks? strings (name) or numbers (userid)

return {
	Ranks = {
		[3236301256] = true
	}
}

asss

return {
	Ranks = {
		3236301256
	}
}

And the main script to this:

local admins = require(script.Parent.Settings).Ranks

function IsAdmin(player)
    for _, v in pairs(admins) do
        if v:lower() == player.Name:lower() then
            return true
        end
    end
    
    return false
end

game.Players.PlayerAdded:Connect(function(player)
    if IsAdmin(player) == true then
        local ui = script.AdminGUI:Clone()
        ui.Parent = player.PlayerGui
    end
    
    player.PlayerGui.ChildAdded:Connect(function(child)
        if child:IsA("ScreenGui") and child.Name == "theAdminGuiName" and if IsAdmin(player) == false then
            player:Kick("Reason: \n Exploiting to AdminScreen. \n Kicked By System")
        end
    end)
end

(make sure to change the gui name btw)

1 Like

uhhhhhh

1 Like

Whoops, my bad! Remove the if and change “theAdminGuiName” to your admin gui name. Here: