Like @boeljoet said, putting the module inside a require() call isn’t going to protect the script since you can just get the ID and view the source on the Roblox website with an extension such as BTRoblox (or load it directly into Roblox Studio with InsertService)
When private modules were a thing, requiring a private module so that others couldn’t see the source (like Kohls admin did) would work, but they were removed in late 2018.
You could try obfuscating the script, but that would likely create concerns over the script potentially being malicious (since now you’re unable to look through the code and validate it’s legitimacy), and also hinder the script’s performance.