So I want to make an anti-cheat because I don’t want people to hack or fly in my game but I’ve searched up tutorials but they are all local scripts in StarterPlayerScripts. Cheaters can easily delete and bypass it. I’ve secured my remotes but I Still want to make one. How can I make one that is placed in ServerScriptService?
Well you can’t really do that much against exploiters deleting a localscript. Maybe you can use the script below and make 2 of it just in-case an exploiter deletes one of them.
-- MAKE 2 SCRIPTS OF THIS AND PUT IT IN StarterPlayerScripts!!
script.Parent.ChildRemoved:Connect(function(obj)
if obj:IsA("LocalScript") or obj:IsA("ModuleScript") or obj:IsA("Script") then
game.Players.LocalPlayer:Kick()
end
end)
Yeah but I heard people do it with serverscriptservice using Normal scripts because they say its better
Like somebody said
Stronger Server-side anti-cheat = Stronger game
Stronger Client-side anti-cheat = Stronger Exploiters.
Well the exploiter could just delete or disable both of the scripts, and boom.
thats what im trying to say Never trust the client. Thats why I preffer trying to make a server script service one.
its impossible to tell somethings on the server to see if the player is exploiting.
1 Like
Hmm, maybe something like this would work.
-- Note: Make a remote in ReplicatedStorage named GetPlayerScripts
-- SERVER SCRIPT (PLACE IN SERVERSCRIPT SERVICE)
game.Players.PlayerAdded:Connect(function(player)
local playerscripts
local success, err = pcall(function()
playerscripts = game.ReplicatedStorage.GetPlayerScripts:InvokeClient(player)
end)
if success then
wait(0.01) -- exists so that you don't get kicked once the script that fired the remote gets destroyed
playerscripts.ChildRemoved:Connect(function(obj)
if obj:IsA("Script") or obj:IsA("LocalScript") or obj:IsA("ModuleScript") then
player:Kick("You trying to exploit or something?")
end
end
end)
-- LOCALSCRIPT (put this in StarterPlayerScripts)
game.ReplicatedStorage.GetPlayerScripts.OnClientInvoke:Connect(function()
return script.Parent
end)
script:Destroy()
No matter what measures you take, you will never have a 100% hack free game.
Yeah thats the only part of not being able to make one
Its to risky to automatically kick the player. it could be a false alarm and roblox does have built in scripts that get added and removed.
There are other measures the exploiter could do to stop scripts in other than deleting them.
There are some posts around the devforum about anti exploits, you can try looking through them.
Maybe for example an anti-teleport just send them back to their previous place instead of kicking them out of the server.
As to what I’ve heard before the exploiter could just add wait(math.huge) inside the LocalScript’s ClientInvoke.
plus your sending a remote to the client which could be blocked to so you can’t detect changes.
You see, the remote is fired as soon as the player successfully joins the game. So they can’t load their exploits that fast.
Also, just remove the script:Destroy() from the localscript and remove the wait(0.01) in the serverscript.
some exploiters/executors are insane and could load in the client before they even are officialy “joined” in the game
That script should still be able to defend against some exploiters. Something is better than nothing.
Yeah. This guy showed his synapse auto inject feature that injects even before the game loads
I see it’s good to have some protection but sometimes the false positives are to risky.