How people are reach exploiting (the script they're using) help make anti?

Adding onto what other people have said, exploiters can find ways to always return a false number, string, and more for Speed, JumpPower, etc… So just comparing numbers is useless.

You should find other ways of detecting changes, for example, magnitude, or comparing their last position to their current position, etc… Otherwise, your anti-exploit is practically useless.

Maybe try putting it in an script they need to play the game or something like their money earning script or something so if they do find the script that bans them if they delete the anti cheat they basically cant play the game. 1000 IQ lol

i know i’m learning how to work with server sided coding and to be able to do that. i want to lol

They csn just edit the script
Doesnt work

can’t you just add a separate script in serverscriptservice to where if the local anti cheats or scripts get messed with/changed etc. then kick from game lol or if someone tries editing or changing anything in the local script. or change in properties and such too

and i already have an anti cheat in the sword. it’s a local script too and it’s been fine and works. i haven’t seen or heard of anyone changing or editing the anti’s i added to my game. i have like 2 server sided and one i made lol i have trouble working with server sided coding so i’m trying to read other codes and edit. but also my anti i have made not the one i shared in this post but the one i made that works and such, it as a feature in it where if any classname is added to the sword then kick player lol

another thing, i have two exploiter friends who BOTH gave me their script they use to exploit reach. i know how they’re doing it so i’m going to try to see what i can do. and learn more. it’s not hard to stop them, they don’t change scripts or any of that. they’re just editing what’s already running on the server or to the server or communicating with server lol either way and making that fake fireevent do the work for them lol

You can’t detect client changes from the server. In order to see what’s on the client, the server has to ask the client.

You can’t edit the server via the client unless you have unsecure RemoteEvents in your game

There are many, many ways exploits can stop your anti-cheat without knowing the name of your script. In this case, they don’t even target your anti-cheat at all, they simply fire touch events.

Exploits have almost full control of what every property, function, etc will do, they can modify it, and access values within your script both directly and indirectly and in ways that a LocalScript traditionally cannot. They also have access to anything anywhere. Exploits can target your script simply by making whatever methods of detection you use ineffective.

Think about it as if an exploiter can edit any LocalScript in your game, even automatically with the code they write, as that is essentially equivalent to the power most exploits provide. Exploits have far more control over the engine than you do, and ultimately, there is nothing you can do that will be able to avoid exploits, except to simply write your code server-sided.

Often times, exploits don’t even need to target your script at all, and likely don’t even need to view the source code of your anti-cheat to stop you from detecting them. It is entirely possible for exploiters with an okay amount of knowledge about Roblox to simply eliminate every feature you could use to detect the presence of the cheat from the client, or fake what is actually happening.


As a lot of people have said above, exploits have zero control over the server since it’s all on Roblox’s end. The only control they have is control your code allows, or control that Roblox allows (intentionally or not).

I was gonna say the exact same thing lol

dang that sucks thx for telling me though lol

ok i understand now, thank you for that. i need to work on server sided coding then. new to events