If you replicate anything to the client, they have the copy and can save it. There’s really no way to stop that. You could structure your game to replicate as little as possible and host all the logic you can in server-sided scripts, so at least someone downloading your place will only get a physical map and not the whole games’ code too.
1 Like
Yep, that is exactly what I do.
Putting most/all server scripts in ServerScriptService may look disorgonized, but simple folder orginization can fix that.
A good practise is moving things from ServerStorage to workspace and back when they are needed or not, for example: map selection.
I’d love to think others are right, but they’re just sadly not. Server Scripts cannot be stolen unless you have backdoors in your game file.
Everything client sided (local scripts, the map, replicatedstorage, etc) can be stolen easily by exploiters and there’s nothing that I can do or that Roblox can do.
HTTP requests or API Services have nothing to do with this whatsoever.
No matter how much of an incredible anti cheat you make, they can still steal it with ease
Are they publishing it after stealing it? Can’t you submit a copyright take down and see if Roblox will remove the copy?
I wouldn’t think a map with no server scripts would be of much use. If they’re just doing it to irritate you, maybe just ignoring them is the answer.
Anyone can steal the map. No-one can get any server scripts though. If it has serverscripts in the stolen versions, then someone you trusted betrayed you.
wait why hasn’t roblox shutdown r/robloxhackers?
Well there isn’t really a proper way to prevent exploiters from copying your game, though you can somehow prevent them from stealing a few stuff like scripts and probably building assets. As for scripts, you can make a client module inside StarterPlayerScripts which loads all the necessary scripts inside that module, and after that you can delete those modules (from PlayerScripts and StarterPlayerScripts), so you’d be literally running them in nil - trust me it helps a lot as I’m currently doing that, but sadly if you have modules inside ReplicatedStorage it will still allow them to copy those, but with the client module you’d prevent most of your source code from being stolen. For building maybe you could make a script which loads building parts when you’re near them, that means the exploiter would need to go through all the map or they’d have to save the map by parts which is a boring process.
That wouldn’t work either. Client still has control over those scripts and can edit them.
But the scripts wouldn’t be there. Upon joining it wouldn’t even give them time to download those scripts as it’s as if it was never there. They’d be all module scripts btw.
Think offensive.
You can’t prevent stealing, asset rip-off happens across the industry and it is extremely common. However, if you think offensively, you’ll see a bit more success. Focus on counteracting against stealers rather than being defensive.
Let me take these as examples:
Hey, there is a reason why big companies slap copyright claims and cease-and-desist letters to people instead of implementing prevention steps, it is because people will get always get around the technical side of things but they don’t have the money to go into a legal battle.
8 Likes
Has the stolen games have exact replicas of your server scripts? If so, it’s a backdoor, if not, I guess it’s just a dev thing you have to deal with. Some anticheats have used a anti-dex feature.
Alright. Thank you. I’ll mark this is a Solution.
1 Like
dex is through the core gui, im not sure if core gui is possible to detect anymore due to roblox
Yes but there are few ways to get around that which require a very high scripting knowledge which most developers don’t have. Although even if a highly advanced scripter puts his scripting knowledge into this it would still be bypassed.
So a conclusion it is not possible to prevent this sort of thing.
anything is patchable and bypassable
https://x.synapse.to/docs/reference/environment.html
<table<Instance>> getnilinstances(<void>)
Most injectors provide a trivial way of collecting nil instances (instances parented to nil), whatever solution you’re suggesting is essentially a waste of time.
Actually no, they’re not essentially being ran in nil. The environment loads and destroys all the modules after loading them, the source code stays the same and cannot be found since it’s not in the game anymore.
I don’t think you quite understand how Destroy() works, all it’s doing is parenting the instance to nil and locking its parent property.
The script’s bytecode isn’t removed from the game as it is required for the script to run.