I am starting out a game an d working on the organiaation. For the modules , which ones go in rep storage and which go in server storage? Im using profile service, does it matter that that’s in replicated service cause i put all the modules in rep storage so their all in 1 folder. The client can access these functions this way, and some functions also manage/change leaderstats but i wanted to also confirm that exploiters cant abuse this and change status using these modules b/c their only changing it client wise and not service wise right?
1 Like
Yes, the client can change every item in the replicated storage, but it will only be visible to them, as it won’t replicate to the server. Therefore i believe it is safe to simply place all your modules in the replicated storage, as the player won’t be able to do anything but visual changes, that only count for the client himself.
1 Like
So then whts the benifit of ever putting modules in server script service? Or really any anything?
1 Like
Players cannot reach the server script service, so I believe it is just an extra safety measure. I prefer to place them in the server script service to keep my replicated storage for remote events & stuff like that.
2 Likes
Ah, i already started and im using lots of folderes 2 keep stuff neet so im not gonna change it unless someone says its a big problem/target for exploiters.
2 Likes
ProfileService goes to ServerScriptService as it only works for the server as @loleris stated in the post
ye ik that but since its in rep storage, and i have defined it their already, does it really mtter if i switch it back? thanks
To put this simply, if you are using ProfileService, it MUST be in the ServerScriptService. There is no ‘what if’, or ‘how about’. Please do read more clearly on ProfileService’s original post. Players should not have access to their save profile directly unless you want exploiters crawling around inside your experience. Also, Converting it from ReplicatedStorage to ServerScriptService should not be a big problem at all.
After using it for quite a while, you will notice that you will start using RemoteEvent or RemoteFunction more to establish a connection between a server and clients, which is a good practice. You always want to verify players’ actions if they are valid.
2 Likes
yea i did , just wanted to make sure thanks the help
1 Like
uhh if you believe it’s the solution, then mark it as a solution, here is what loleris said
2 Likes
Wait what, they can only change their info client sided i thought? Also on their original post, i didnt see the part where it said that it has to be in server script service? It says its server sided but doesn’t that just speak to the fact that clients can’t access it b/c when i tried acccesing profile service through a local script ijust got an error, or no profile was found. I will change it to server, but I’m still confused on to why becuase I dont see how exploiters cn take adv of this if profile service can only be changed through the server side. Also I know what your saying about remotes, so do you recommend when using cooldowns, instead of adding a wait to the local script that fires to a remote, i fire the client once the server finishes to start the cd on the local script?
1 Like
yea he said its server side only, but how does make it unsafe for rep storage? rep storage is still fine cause local scripts can’t modify data , right? Sorry for pointless argument im just trying to understnad for future uses.
1 Like
because exploiters can only access the client and no matter how much security, they will still be able to access it
but they cant alter it so why is them accessing i t a problem if thier not really changing anything?
1 Like
they can abuse the module to ruin everyone’s gameplay
1 Like
bruh how? they CANT alter anything except on thier on computer? The module will change others stats just on their on computer not the other clients. Srry 4 being a pain.
1 Like
That is a nice question to ask. Even though it is not stated clearly that you have to put it directly inside the ServerScriptService, but the word, ‘Server-side only’ implies that the module should be put inside the SSS. What you are asking is that ‘it is only on server side, but why can’t I put it inside RS’ Easiest answer is There is no need to. Why? If you want to figure that out yourself, try to read the whole module code and understand what it does deeply. If you ask me, I do not know, but I assume that the module itself has some kind of connections between the module and the server obviously. That is why the module manages to carry your save around between each session. Put everything aside, and please do consider it as a “best practice” about how to structure your scripts.
I will try to give you an example about this.
Can you play a game inside your closet? Yes. Is it the best place? No. Is there a better place? Yes. And that applies the same idea about this situation.
Thanks your example helped me a lot. It isn’t exactly a problem if I don’t change it, but its better to be safe, and just change it cause thats the better thing to do . Thanks, you’ve been super helpful. Would this apply to all my modules that alter server sided things like player stats etc…
1 Like
I think the main benefit of using server storage rather than replicated storage is to help prevent your game being stolen.
If you put all your server logic in replicated storage then any exploiter can copy your whole game. All the source code for modules in replicated storage is visible to each client, even if they don’t use it.
If you use server storage then the modules can’t be seen at all by any client. They can still steal all client side logic but would have to try and reverse engineer your server side.
1 Like