i think the best way is using serverstorage because in one post exploiters cant access serverstorage
So no need 100 folders
i will try using HTTPService and datastoreservice
ah yes, let’s store data on google sites. To actually do so, you’d have to go out of your way to code the website yourself. Google sites is not the way to do something like this. If you want to store data offsite, like bans, you can use FireBase with @ShaneSloth’s Robase module. OR you could put this data on google sheets and any time you ban someone, you send a POST request to post this data then any time the player joins, you send a GET request to get this data and see if the player is banned. But this is very tedious and a lot harder than just using firebase. But you could just use datastores, there’s no need to put it offsite tbh
ok so no HTTPService because i cant not violate the TOS of roblox?
Datastores security be like:
yeah it sucks
it’s not a violation of TOS, but you just can’t store data on Google Sites. Not possible
and that’s all you got from what i said lmao.
Before you solve this problem of how to ban exploiters, have you considered if this is actually a problem for you? Do you have a popular game that is being exploited?
From what I see you’re attempting to do, it doesn’t make much sense to me. If someone was exploiting, they wouldn’t likely be using your admin tools that you made. And even if they were, they’d probably be adding that after they join, not before, so checking ‘playeradded’ won’t be useful.
In other words, if you want to learn how to make your own admin script, I’d suggest moving on with making some commands that actually do something useful for you and not get hung up on making it bullet proof from exploiters.
1 Like
i dont have a popular game being exploited, i dont want my game be exploited because a small exploit to a big problem so i want to prevent that from happening in the future.
I get that, but you could worry about securing the script after you make a useful script. That’s just he way I would want to do it. Get the basics down before you try to tackle advanced topics? That my opinion, do what you like. 
If your script that is handling the events generated by your admin gui is checking the admin list there is no reason to care if an exploiter has cloned your admin gui.
That does not change the security at all… You can literally use this to bypass that…
for i,v in pairs(MainFolder:GetDescendants()) do
if v.Name == "Example" and v:IsA("Example") then
--Code Here
end
end
I’m gonna make 2 scripts, which one the scripts have a folder with the player userid and name
and the other script is gonna store the data
(also the folder is gonna be in serverstorage because exploiters cant access that)
Hey, (late to the party but) what’s inside the Ranks? strings (name) or numbers (userid)
return {
Ranks = {
[3236301256] = true
}
}
return {
Ranks = {
3236301256
}
}
And the main script to this:
local admins = require(script.Parent.Settings).Ranks
function IsAdmin(player)
for _, v in pairs(admins) do
if v:lower() == player.Name:lower() then
return true
end
end
return false
end
game.Players.PlayerAdded:Connect(function(player)
if IsAdmin(player) == true then
local ui = script.AdminGUI:Clone()
ui.Parent = player.PlayerGui
end
player.PlayerGui.ChildAdded:Connect(function(child)
if child:IsA("ScreenGui") and child.Name == "theAdminGuiName" and if IsAdmin(player) == false then
player:Kick("Reason: \n Exploiting to AdminScreen. \n Kicked By System")
end
end)
end
(make sure to change the gui name btw)
1 Like
