Protecting Remote Events (not about remote hacking, but about remote existence)

That’s not true. Frameworks will help in the development process but not necessarily in the security process. Using a framework has no implications of security or otherwise. A game with or without a framework is as exploitable as any other, what matters more is what your code is doing.

again, I’m talking about the deletion of remote events. not their security. I have my remotes secured. the fact that they exist is important here, not how they work :slight_smile:

If you change the discussion from talking about remote security to preventing their deletion, the response doesn’t change. What does change however is the circumstances which instead of talking about how the server validates client requests, it’s about their presence in the DataModel.

The remotes still need to exist in the DataModel for the client to access and connect to them: in that same vein, the remotes also need to be accessible to the client. If it’s accessible to the client, then they can delete them too. A framework doesn’t change whether or not your remotes can be deleted.

And again, ultimately, the root of your problem still comes down to preventing the client from removing remotes or the Gui you want to give them which is the unsolvable problem. It doesn’t really matter if they don’t access the remote, they can stop other incoming traffic they don’t like.

If a remote event is deleted on the client, the server won’t know, due to filtering enabled.

And exploits only run on the client. So… yeah.

Plus. Why would any exploiter need to delete your remote events?

As i said above, the remote blinds people, so if they delete it, they wont be blinded!
But i bet most of the exploiters Dex the game and that they don’t know .Knit

So a lot of noob exploiters are gone

I can always fire the remote back, and if it doesnt reach the server (which is ALWAYS should) then we know that the exploiter has deleted the remote.

As @MrMouse2405 said, there could be a better way to solve this problem. You’ll just need to give more information. What are you trying to hide from the player? Perhaps you could prevent it from replicating to the client.

alright.
So I basically send a client event and the client makes a UI which fills up the whole screen. If the remote is deleted, the event isn’t sent and the gui isnt made.

Yes, I understood that. But what is the reason why you need to blind the player? What is the player not supposed to see? Are they not supposed to see another player’s actions?

theres like a block, which they shouldn’t see.
The server makes the block become visible and invisible between intervals. when it becomes visible, the client event is sent, and then if the block is in the player’s viewport, then the client creates a gui to be blinded.

This may be a dumb question, but if the block isn’t supposed to be seen, why do you make it visible? Is it supposed to be seen by some people and not by others?

it stays visible for 5 seconds, but the event is only sent when it switches from invisible to visible. how does this help though?

If the player should only be blinded if they happen to look at the part, then I was wrong about there being a better solution.

1 Like