Not sure if this belongs here, but if I have this simple script inside StarterPlayer:
local plr = game.Players.LocalPlayer
local char = plr.Character or plr.CharacterAdded:Wait()
repeat wait() until char
while wait() do
if char.Humanoid.WalkSpeed >= 20 then
plr:Kick('Please do not exploit in this game, nor the Roblox Platform itself, thanks! :)')
end
end
To catch exploiters, if it’s removed should I (with a server script) clone it back? Would that most likely fix the issue of a player deleting the anti exploit? Thanks!
Never trust the client. That code can be easily removed or messed with. Create a server script and measure players physics by using workspace:GetRealPhysicsFPS(). I believe there is an article about it. I’ll try to find it and edit it in here.
EDIT: So the anti exploit on the wiki is a client-sided thing. You’ll want to account for ping on the server and factor that into your equation. I recommend setting up a warning system. Once the player passes 3 warns, he/she gets kicked.
I know it can be easily removed, but If I took a server copy, cloned it into their StarterPlayer and repeated everytime it got removed, would that fix it? (Yes I know never trust the client, but this seems logical in my personal opinion.
Reparenting an instance at that rate would cause strenuous activity on the server, especially for multiple clients at once. Adding onto that, if a client turns his/her ping up high enough, a script can run in the background deleting incoming local scripts from the server with ease.
It wouldn’t be removed from the perspective of the server, so there’d be no way to do this. It wouldn’t be strenuous on the server, it just wouldn’t work.
The methods found here are quit bad.
here is a simple server-script that can save you from some bypassable walkspeed exploits, now it might be bypassable in some way, but I haven’t found one yet (as I am not an exploiter lol) so anyways here is a way more effective strategy at keeping exploiters from using speed.
game.Players.PlayerAdded:Connect(function(player)
player.CharacterAdded:connect(function(character)
local humanoid = character:FindFirstChild("Humanoid") or character:WaitForChild("Humanoid");
if humanoid then
humanoid.Running:connect(function(rate)
if rate >= 17 then --// 17 can be changed, just the default is 16 and it can overflow sometimes.
player:kick("Exploiting.");
end
end)
end
end)
end)
now of cores the client can replace the humanoid, but that can easily be fixed as it respawns the character.
so instead of depending on 1 looping values which can easily be bypassed, you can rely on a better ani-exploit.
@snorebear your method can easily be deleted and even with it active, doesn’t prevent unwanted speed.
@wayIxn there are many methods of exploiting and bypasses, just keep that in mind.
That aside, it’s highly unlikely that speed exploiters actually change their frames anymore. All they do is simply change their WalkSpeed and be done with it. The server cannot see the new WalkSpeed the client used, however it can see the client moving faster due to network ownership and thus the replication of that rapid movement.
I’d personally suggest working with the velocity of a character and determine whether or not their velocity exceeds what the server sees their intended velocity should be.
Thanks!