Is it possible to check if clientside disables localscript from the serverside?

I’ve been working on an anti-cheat. So far, it has been mostly server-side, and most of the anti-cheat is inside players. Deleting a localscript in the character or a script being deleted in the script, will cause the player to be kicked, since deletions in a character replicate server-side.

Yet one SUPER easy bypass is to instead just disable the localscript, and it will no longer detect walkspeed changes or humanoid changes. An attempt I’ve already tried was to fire an event from the localscript using a remote-event in the character (yep, it bans if you delete remote-events.) so it’ll fire an event every 4 or 2 seconds, and the anti-cheat that detects the remotes will reset a timer that goes down slowly to make sure lag spikes can’t cause your player to be kicked. although this can be a easy way to detect disables, it can also be easily bypassed if the script itself just fires the event themselves. I’ve thought of a sort of encryption that is different in every server, but remotespy can detect fires from the client, meaning that this can be still easily bypassed anyway.

Is there any solutions for this issue, and if so, how?

There are no solutions that can’t be bypassed. For detecting speed hacks, you can get the magnitude between the player’s current position and their previous position. If the magnitude is too high, set them back to their previous position.

Yep, I already do something like that. It mainly is just to detect teleporting and sometimes noclip. It can at times detect speed, but due to the fact that it checks every .005% of a second. I might add a way to detect speed like that.

Alright. I’ve added something to combat any speeds over 30. now there is zero worry about bypasses.

You could check the state of the script’s “Disabled” property. If it is expected to be false but it’s true then kick the local player and vice versa if the script should be disabled but it’s enabled similarly kick the local player.