How I make a Admin Script? Part 2

Help and Feedback Scripting Support
#42

now that the only admin is done
How do i make ban? i will do the kick part

#43

like ban player, kick or unban
do i need to use:
Messaging, Datastore Services?
And Remote Function/Events?

#44

Datastores are the best way.

char

#45

And creating a folder or something that has the user ID of all players who are banned, and if it encounters a player with that ID kicks them.

#46

but if a exploiter get in the folder?
he can unban all players that were banned (including the permently banned)

#47

Datastore can security that easily

#48

You could make it very tedious for the exploiter to get there, but putting that folder in a folder which is in another folder, and do that for about 100 folders.

Or you can use HTTPService and store the banned peoples’ IDs in a website like a Google Site or something

#49

i think the best way is using serverstorage because in one post exploiters cant access serverstorage
So no need 100 folders

#51

i will try using HTTPService and datastoreservice

#52

What site should i use from google? @oofdog4526

#53

sites.google.com or something

char

#54

Hey @zrax_rb what site should i use for ban player and store the data in the site?

#55

ah yes, let’s store data on google sites. To actually do so, you’d have to go out of your way to code the website yourself. Google sites is not the way to do something like this. If you want to store data offsite, like bans, you can use FireBase with @ShaneSloth’s Robase module. OR you could put this data on google sheets and any time you ban someone, you send a POST request to post this data then any time the player joins, you send a GET request to get this data and see if the player is banned. But this is very tedious and a lot harder than just using firebase. But you could just use datastores, there’s no need to put it offsite tbh

#56

ok so no HTTPService because i cant not violate the TOS of roblox?

#57

Datastores security be like:

yeah it sucks

#58

it’s not a violation of TOS, but you just can’t store data on Google Sites. Not possible

and that’s all you got from what i said lmao.

#59

Before you solve this problem of how to ban exploiters, have you considered if this is actually a problem for you? Do you have a popular game that is being exploited?

From what I see you’re attempting to do, it doesn’t make much sense to me. If someone was exploiting, they wouldn’t likely be using your admin tools that you made. And even if they were, they’d probably be adding that after they join, not before, so checking ‘playeradded’ won’t be useful.

In other words, if you want to learn how to make your own admin script, I’d suggest moving on with making some commands that actually do something useful for you and not get hung up on making it bullet proof from exploiters.

1 Like
#60

i dont have a popular game being exploited, i dont want my game be exploited because a small exploit to a big problem so i want to prevent that from happening in the future.

#61

I get that, but you could worry about securing the script after you make a useful script. That’s just he way I would want to do it. Get the basics down before you try to tackle advanced topics? That my opinion, do what you like. :slight_smile:

If your script that is handling the events generated by your admin gui is checking the admin list there is no reason to care if an exploiter has cloned your admin gui.

#62

That does not change the security at all… You can literally use this to bypass that…

for i,v in pairs(MainFolder:GetDescendants()) do
 if v.Name == "Example" and v:IsA("Example") then
  --Code Here
 end
end