Is there anyway to stop hackers from stealing/copying your game and scripts?

Nope.

We had Crystal in our game just for the reason to stop stealing our games, what happens we get leaked and then the owner admitted it wasn’t that reliable, so no.

If there was a way to detect any amount of exploits on injection alone, why doesn’t every single frontpage game have an anticheat for that? They definitely have the budget to pay for an anti-injection script, or at least pay someone to make one, so why don’t they? Simple: Because there isn’t any such thing (yet)

The only way you could really detect if someone injects is if they have a script in their autoexecute which is detectable.

Please post a link. I can’t find it.

If your game’s map is large, you could use Site-DELTA’s method of preventing map theft, you can make a chunkloading system, unloaded chunks will be stored in the ServerStorage or ServerScriptService, these two services are server-sided, therefore the hackers cannot access/download stuffs stored inside them. You don’t necessarily need to worry about server-sided scripts being stolen, as It’s near impossible to steal them. Hope this helps.

There’s no point in chunk loading for the sake of preventing map theft, do it because you want to optimise your game properly. Chunks should be in ReplicatedStorage so that they’ll be replicated to the client’s memory and quickly accessible when needing to load chunks.

Setting up a chunk loading system where the client doesn’t have access to the chunks is the antithesis of a chunk loader and using it to prevent map theft instead of to optimise is also not using it correctly. It’s a waste of time and there’s also no guarantee exploiters can’t just save chunks after they load.

Not nearly impossible, completely impossible. No server-side code is ever sent to the client because it doesn’t have a need to compile or run that code.

I see, so the best method in preventing map theft will be iiKossmoZ’s method? If so, can we try crashing the client using while loops instead?

I would argue no it’s not. The response already does a good job at explaining itself that it’s not the best method by saying it isn’t perfect.

Injection is client-sided so that means your solution also needs to be client-sided and no client-sided solution is completely flawless, the most it may do is stop a casual exploiter with no depth knowledge as to what they’re performing. The server can’t flag injections because nothing happens on its end until the client starts sending something through over the network or modifying something it has authority over.

Also, instances are still available in memory after destruction awaiting garbage collection. Exploiters can fetch instances back, make copies or stop the process completely.

Add a script in ur map or a hidden part of ur map that sends a webhook to ur discord server notifying if the game.placeid is not your game.placeid it means ur map was stolen so.
Then u use that information to report the player.

If u want u can go an extra step, and befriend that person using an alt and get to know them and then build trust and u then take all the robux they got for their birthday.

Place-stealing exploits can only copy what is accessible to the player, so any server scripts will get lost in the download. A local script could do that but the exploiter could just search for anti-theft scripts and delete them after the download.

i replied on it before it got cracked by bunch of v3rmies

I know just make that your game doesn’t have any free models or models that they can get,
that is a big problem.

That’s why!

WHAT TO USE TO KEEP YOUR GAME SAFE

NO FREE MODELS OR MODELS THAT THEY CAN ACESS!

Yes, I had a hacker attempt that today. He tried to delete the anti-exploit which got him a very nice ban.

I do that but some hackers have clients to copy a game when they are in the game.

or instead of :Destroy(), you can tp them to an empty baseplate, then kick them there.

I was selling my British Army in GRP and a guy called EthanChas came over to buy it. When we were almost into settling it out, I cancelled it due to me not wanting to give the price mentioned. He did not pay me anyway. Then he came back and threatened me saying he would hack my game and steal it using Synapse and he did it. I am really disappointed at this and just over the fact of losing a game, wish Roblox had more security features…

It’s not about security features. Anything that is on the client, the client has full access to. Nothing you can do. Not much Roblox can do. Exploiters always find a way.

If you wanted to stop hackers from getting your code i would recommend obfucation, but have a copy of the script saved in a file or a different private game.

crystal anticheat doesnt even work lol, there’s a plethora of ways to easily bypass it

Obfuscation is basically just security through obscurity, it increases the file size of your program and often decreases performance while increasing memory usage.

Some obfuscators can easily be deobfuscated given that the attacker knows what they are doing and has spend time on learning how lua works.

Not to mention that relying on obfuscation to be your main form of security / protection is a bad idea as
one could take the time to develop a program to look for specific parts of an obfuscated file and attack those specific parts. It can be an effective form of protection against reverse engineering, but relying on obfuscation alone is not going to help much.

Besides, some obfuscators logs your script pre-obfuscation, pretty sure that’s something you don’t really want if the program needs to be protected

sorry for the really late follow up but how would I destroy everything only for that player, I have been testing since June of 2020 yet still can’t figure out how.