Currently i have a system with skills, where some are locked behind levels and stuff. But heres the thing: since exploiters can access replicated storage and local scripts cant the exploiter change which remote events is firing from the local script? It would kind of ruin games if they can access locked move skills despite not owning them from their local scripts. Is there anyway to prevent this? Or am i completely wrong.
1 Like
if you store the player’s level on the server which exploiters cannot access, in the server script you can use a simple if statement so if the players not enough level and the event is still fired you can just skip it like this
--server script
if playerlevel >= levelRequiredToUseSkill then
--run code
else
-- ban player for exploting and stuff
end
edit: == should >=, mb
2 Likes
Don’t unlock skills on the client, the game should have a progression system that can be checked and verified on the server. And if they still fire the remote, you can check on the server to see if they actually unlocked the skill before proceeding
2 Likes
Exploiters can read and see anything on the client side. thats why you never trust the client. instead, you make all the checks necessary on the server, so even if the exploiter fires a remote event hes not supposed to, it does nothing
1 Like