I made a really terrible misleading thread about securing remotes. Which I deeply apologize for.
Everyone was telling me about sanity checks and never trusting the client etc.
This wasn’t really helpful to me.
So how would I go about doing this or securing my remotes from exploiters?
Can someone provide an example for me or share some links to a source for information please.
I tried searching all over Google for an answer, bur never really seen something that helps.
How is that not helpful? That is literally how you secure your remotes.
It didn’t give a really good explanation on what that is and how to accomplish it. I am not that informed on that.
Sanity check → make sure the arguments passed to remotes are sane
Not trusting the client → self-explanatory, your game should be designed around the client asking the server to do stuff, rather than the client demanding the server to do stuff.
There are a bunch of things you can do to secure remotes. Adding a cooldown (shown below) is one common approach to avoid any user from refiring a remote excessively to drain server resources.
local cooldowns = {}
local coolTime = 0.5
local function Cooldown(plr)
cooldowns[plr.UserId] = true
wait(coolTime)
cooldowns[plr.UserId] = nil
end
myRemote.OnServerEvent:Connect(function(plr, args)
if cooldowns[plr.UserId] then
Cooldown(plr)
return
end
-- Write the rest of the function below
end)
This approach is especially useful for remote events that trigger expensive operations on the server, but it’s not necessary everywhere.
Another important step to securing remotes, is to always validate the arguments. Check if they exist and are correctly typed, but also make sure that they are logical. Any checks that you do to validate arguments locally should also be done on the server.