Still, this is made to prevent those types of lagswitches. It basically lets you set a sort of ping timeout.
This is completely false. If you don’t like the post just leave, instead of spreading incorrect information.
Anything created on client will only be accessible to that specific client. Even though you have network ownership to your own character, that doesn’t mean cloning it will suddenly make it replicate.
So no, server side magnitude checks can’t be bypassed (unless they’re implemented poorly)
I never said anything about cloning it.
How is stating facts hating the post? I’m simply pointing out that everything this module was made to prevent can easily be bypassed by almost every exploit available, this is common knowledge.
If a exploiter creates a character on the client the server won’t see it so how am I wrong here exactly?
nor will other clients. the player also won’t be able to interact with anything with that fake character so it’s pointless.
in any case, this is getting off-topic, if you’re actually wondering why you’re wrong DM me and I’ll explain in detail.
valve pls fix
Open source code doesn’t mean it’s inherently less secure. A solid check is a solid check. Closed source or obfuscation isn’t inherently better. There’s a good thread on this the pros of open-sourcing that you might find interesting: The magic of sharing: Why you should open source
Most people using exploits, especially movement based once, don’t actually write the scripts they use. Meaning that as soon as you block it, it’s not like every exploiter becomes effective problem solvers all trying to break through your anti cheat. It’s still going to block a good deal, and if your system is well set-up, you may be able to effectively neutralize the cheat for the most part. At the very least, it’s better than being completely unprotected. I’m sure your players would appreciate at least some of the exploits being blocked, even if you’re not 100% successful.
Hitbox expanding as in it checks for size changes in other player’s characters, and the speed check goes off of a stud check, not a velocity check.
Yo, im Conra_virusman, formally known as @kinglol123468. Im gonna make my first post useful and give you a tip to improve the anti-speed. As we have noticed that anti-speed is really bad. Theres a way you can make a anti-speed without using the client. All server. This uses the
Humanoid.runningfunction. Heres the code
game.Players.PlayerAdded:Connect(function(plr) plr.CharacterAdded:Connect(function(char) local oldpos char.Humanoid.Running:Connect(function(spped) if (spped > char.Humanoid.WalkSpeed+5) then char:SetPrimaryPartCFrame(CFrame.new(oldpos)) else oldpos = char.HumanoidRootPart.Position end end) end) end)
That is a very bold claim which holds zero weight to it. It’s impossible to pull off in a 2nd party anti-cheat.
I think your misunderstanding the advantages of a system like this. It’s not to prevent exploiters from essentially teleporting their camera to see any portion of the map. The point of this module is to make it so the client cannot just replicate it’s character position to the server which in turn is used by internal game systems (for example a racing game finish line) and replication to other players.
So here’s how the speed check will help. Let’s say the exploiter requests a position change for their character position on the server, by changing the humanoidrootpart.CFrame of their character to make them go to the finish line in a running game. Since character model has networkownership this would replicate. However, with this on a magnitude check would invalidate the client request, making it so the exploiter only teleports the fake character they made. (If they were using the default roblox character, nothing would happen as it would get reset by the server).
The advantage is that the character cannot just teleport to the end of the race. Teleporting their own local character isn’t recognized by the server.
This is a really bad way to make an anti exploit. It only prevents if the exploiter changes their Humanoid.WalkSpeed values which is really basic. Most exploiters change their HumanoidRootPart.Position. This means Humanoid.Running won’t get fired.
Its meant for speed. Not humanoid root part teleportation. Its not meant to be for anti-exploit. I was just giving a suggestion.
I don’t understand why you posted it then though. It’s a much worse way of doing what this module can accomplish already.
Can you read? It was a suggestion. Not meant for teleportation. You dont have to use it.
Am I missing something here? This is what you said (below). I was just saying that your way isn’t really any better as you claim, just because it doesn’t use the client.
This point is invalid. I know how it works and your example is bad. A cheater can still just teleport over and over again to the finish line and even though they get sent back the server will still register the hit. Trying to stop exploiters is fruitless.
The only way to prevent most exploits is to hard code sanity checks in your code. This module does not add any value when it comes to stopping them.
I think this module is a good first step towards that, now i’m thinking about it for the racing game you shouldn’t be using the actual character’s position as the position used for internal game systems. The position used for that should only be updated after the server feels like the request is legit. This means if the exploiter changed their character position to the finish line it wouldn’t get replicated to the position used by the server to detect the collision for the finish line until the server verifies this move is possible.
Then you would use a custom collider on the server which is set to the position stored on the server. I would actually. Something like a client side prediction system for the movement.
There literally aren’t any instructions(I was looking at the wrong thing). Also, you should consider putting proof of your anti-cheat working in the post.
Weird. I have the instructions. Clicked the link, scrolled down a little bit, and:
Theres also stuff further below about the API.
Oof, I was looking at the Github source page and not the installation page lol