Ok so let’s say I decide to use client sided hit detection on melee weapons, the only issue I have is coming up valid ways of verifying it on the server. My melee weapons are scripted by casting rays on every heartbeat from a series of attachments on the weapon. The only issue is coming up with a good solution to verifying it on the server. I don’t just want to use a simple magnitude check because that is not really the most secure. I thought about checking the angle between the character being attacked and the character giving the damage to check if the character is in front of player, but this does not work if the character is spinning. I would prefer to just use server side hit detection but the issue is that this is a pvp game.
Yeah, typically the only thing I’d do on the client is just return the mouse.Hit for the raycast since the client can always be changed by exploiters.
You should create a RemoteFunction and InvokeClient to the specified client to return the mouse.Hit position, and if you get no return:
- Kill the player
- Just ignore the request (best option as misfires can sometimes happen)
- Kick the player (most viable if you know misfires will not happen)
There might be a tiny delay, but its better than an exploiter ruining the entire game.
What I usually do for weapons is I run the detection on the client and then FireServer when its time to damage someone, then on the server I do a distance check with a small cushion to account for lag. The distance check should prevent and ridiculous exploits, you can also implement logic checks, for example if the damage remote gets fired 200 times in 1 minute when its only possible for it to be fired 150 times in 1 minute.
For a simple yet effective protection system, at least for me, I’d use RemoteFunctions.
You can use logic checks as well, whatever method works best for you.