Hello I want to know some ways in which I could add security to client side scripts. What I am trying to do is make it so exploiters can not steal client scripts. Now I know that this is impossible to stop 100% but it is possible to make it really hard to obtain them. Before people ask about if we have Filtering enable on, we do have that turned on but it does not stop exploiters from accessing client side scripts.
1 Like
Your client scripts can easily be stolen, and there are currently no ways to prevent or even make this difficult.
3 Likes
Anything on the client is able to be looked at and stolen. I’ve said this before, and I’ll say it again: Think of client-side stuff the same way you would with a website: Anyone can take the HTML/CSS/JavaScript on a webpage. Anyone. Thus, you never put sensitive stuff on the client. Anything sensitive should be done server-side.
4 Likes
So in reality they can just grab it with the same difficulty as ripping geometry? Because I would think for example vehicle simulators chassis would have been leaked by now if this was the case. “Asking this because we are using a clientside based chassis which we do not want leaked.”
1 Like
Yep, in fact, much easier than geometry.
The client is vulnerable to just about anything.
2 Likes
What about Private Modules?
1 Like
If the client can see them then yes, but otherwise they’re protected (somewhat, there should be a post around here about their vulnerabilities).
1 Like
Alright if you find it can you send it? I will look for it in the mean time.
The Wiki itself has a sufficient enough explanation to protect your modules so long as your client scripts aren’t requiring the usage of them.
Private modules can not be require()d by the client, only on the server. You could try putting a module in serverstorage and sending it to the client at which time it’s parent can be set to nil. Even then, you may have to come up with some complex way of making sure the sever only gives said module to the first script per player that requests it. Even with that hacky solution, it just makes it harder considering that no matter how hard you try, the dirtiest of exploiters can just sift through the client’s memory.
2 Likes
Ok thanks I will take a look at this and see what happens.
1 Like