Hate to bump this topic with bad news 
but now that the Roblox client is integrated with the Byfron anti-cheat, Iām still seeing a lot of players getting caught by my own sever-side anti-cheat in my server logs. Mainly the cheesy stuff like speed run hacking, flying, teleport, etc. Anyone else noticed a decline or increase in hackers publicly exploiting games?
2 Likes
I read here that keeping maps in ServerStorage can protect your assets but once that map is cloned into the workspace, is it still safe? Canāt the client hack into and download that asset now that its replicated to their client?
I was also wondering with UIās and other things
I just didnāt fully understand what counts as server and is (protected) only parented to a server service? cloned or created by and/or within a server service by a server script?
1 Like
This is something I want to know to hopefully someone can tune in on this
Once they are moved to Workspace, they are replicated which also means they arenāt safe no longer. You should still store maps on the server though.
Iām already doing this sounds good thanks for the info
Keeping maps in ServerStorage can keep your assets safe to an extent.
It can also improve the quality of the network connection of the clients since the maps arenāt always loaded in.
For example, your game has an upcoming live event and you have a special map for it.
You donāt want to update your game to include the special map when the time comes since updating will only work on newer servers. Older servers wonāt be able to witness the live event to its full extent because of this.
What you can do is store the live event map on the server, and when the timer hits 0, you can parent it to the workspace. No exploiter will be able to see that live event map until itās replicated to the workspace which at that point everyone will be able to see it anyway.
Now, as this post said, exploiters have full control over their clients. Meaning, anything replicated to them, they can steal. If you parent a map or a part to the workspace from ServerStorage, it will be replicated to all clients, thus allowing exploiters to steal it.
ServerScriptService and ServerStorage are two services that arenāt replicated to clients and are only accessible from the server. Anything under those two services will be impossible to access by exploiters unless thereās a backdoor.
Iām working on a private project so I think Iāll be safe from backdoors.
Thanks for the info (I knew all of this) but Iām glad I can hear the information from another person, because I didnāt know for sure.
Iāve kept my maps and any assets possible in server storage, along with not trusting the client over remote events, etc
1 Like