Clients with the ability to execute locally ran scripts would easily be able to retrieve position of other clients’ characters.
Simply by looping through game:GetService("Players"):GetPlayers() and referencing their character via .Character property.
for _, plr in pairs(game:GetService("Players"):GetPlayers()) do
local position = plr.Character.HumanoidRootPart.Position
end
Thus, revealing the position of other players.
I’ve thought about creating an empty R15 rig and letting the client control that specific rig so as to prevent access to characters via .Character property of the player instance.
This method would lose all the replication features the client has on their characters, needing everything to be ran locally which isn’t ideal.
Not only that, the characters would still be accessible via workspace since they can be easily identified with the Humanoid instance in the characters.
All the methods that came to mind were nothing but impratical.
I would assume this to be crucial in a game where the gameplay would require the location of each player to be hidden.
I agree that, while it may not be practical, having some sort of custom way to manage characters to prevent them from replicating from a distance may be the best thing you can do. This would disallow exploiters to get the location of other players from far away because they have no access to their character whatsoever. This may not be a great solution for every case though, because a game like a long distance shooter may require players to see one another’s characters from across the map. Make sure that, however you choose to approach this, the characters are never managed in the server’s workspace, because then they would replicate and ruin the entire purpose.
Seems perfect for my case since players aren’t supposed to see each other unless within radius or when they are not hidden anyways.
Custom characters would be a pain in the ass but I guess I will have to do whatever it takes to counter this issue.
Thanks.
hey,So Another thing,The player is in a random position(from hacker perspective) and the real player is at blah blah blah,So create a clone of the player,Parent it somewhere where hacker dont suspect and make it be at the player REAL position.use that for collision,Visibility etc
The only place I can parent it is within workspace if I wanted it to be visible to other players.
And if I were to use the default characters, there are no ways (afaik) to customise the replication, hence it would be exposed to all the clients, regardless of exploiter or not.
Not to mention the server would then be required to handle two times the amount of characters.
All in all, a lot of issues will arise, hence I think custom characters and replication would be the best, thanks!
