I am trying to move the player’s character in one direction. This can be done in client or server side script. Doing it on client is good in a way because it is smoother for client, and also replicate to server without external remote events.
However, this causes serious security issues as exploiters can simply manipulate the code to go faster or slower.
If I do it on server, the latency issue occurs making it horrible in movement. Is there any work around for this ? I need help for my game asap.
Here is the code which I am currently using in local script :
local RunService = game:GetService("RunService")
local Player = game.Players.LocalPlayer
local Character = Player.Character or Player.CharacterAdded:Wait()
local hrp = Character.PrimaryPart
RunService.Heartbeat:Connect(function(deltaTime)
local pos = Character.PrimaryPart.Position
if hrp then
Character:MoveTo(Vector3.new(pos.X, pos.Y, pos.Z - (20 * deltaTime)))
end
end)
I have read other topics similar to this, but I couldn’t get a meaningful solution from it.
Honestly keep it on the client and make a remote that requests every x Minutes or seconds and get the speed it should be at. This way it’s harder to exploit since every x time it would reset to the server’s speed.
Client Uses MoveTo()
Client Requests every 5 minutes to server
Server responds with a direction / speed.
Client receives the response and uses that.
Future Tips: Possibly flag client if their value is different from the server after 5 times. (Exploiting ?)
Does this make sense if not let me know and i can try to clarify more.
Thanks for the reply. My game is similar to subway surfers but the issue of requesting to server via event for every second may seems too much for server. It can cause severe network traffic as well.
Also not to mention for every minute, the hacker may speed up and get an item which was suppose to be for later before hand
You’re welcome but as i said above, check every x amount of time, requesting every second is outrageous as you said, when an item is picked up, check the player’s speed. If the potential exploiter has different speeds from the server 5+ times flag them for cheating.
a simple task.wait(Random.new():NextInteger(30,180)) and just ask the server what the speed is would be a valid approach in my eyes. If you are concerned with network traffic you can use a networking library to compress what is being sent through the network.
Always prioritize performances and responsivity over security. Exploiters will always try to find ways to cheat anyway, especially if you use Roblox humanoid character, doing it server side won’t make it unexploitable at all, so you better should keep it entirely client side.
The best thing you could do is to do some sanity checks every few seconds in server side to ensure the character is not moving faster than expected. You can do that by checking the distance between the current HumanoidRootPart position and the last HumanoidRootPart position you got a few seconds ago, then check if the character speed allow to travel such distance in such time or not. There is no need to use a remote event and don’t forget to prevent ping to avoid false detection.
What I would do is keep track on the server of the average speed and if it’s higher than normal (account only for horizontal velocity) kick the player.
P.S.: you can use Humanoid:Move(desired direction) and the Humanoid will just run in a straight line in the given direction, so you don’t have to call it every frame. This also means you don’t have to move the character entirely, and can instead make the player run based off of their walkspeed.
Did you just reply to just reply? I said keep a reference of the player’s velocity / distance that is given from the Server, if their VELOCITY / DISTANCE is different from the Servers VALUE how are you possibly going to get false positives. If we are checking a VALUE and not the player’s overall distance???
Secondly, who said anything about 5 minutes? The value i gave is 30 seconds to 180 seconds (3 Minutes) if the OP wants too they can change it, it seems like you just wanted to be included into this conversation.
Apologies, I was skimming over everything and didn’t realize you were talking about something completely different. I will edit my reply.
P.S, I highly recommend not making provocative replies like that. Its not only rude, but it can start a long argument consisting of multiple posts that don’t help the topic in any way.
