What hackers can/cant do

Hate to bump this topic with bad news :frowning: but now that the Roblox client is integrated with the Byfron anti-cheat, Iā€™m still seeing a lot of players getting caught by my own sever-side anti-cheat in my server logs. Mainly the cheesy stuff like speed run hacking, flying, teleport, etc. Anyone else noticed a decline or increase in hackers publicly exploiting games?

2 Likes

I read here that keeping maps in ServerStorage can protect your assets but once that map is cloned into the workspace, is it still safe? Canā€™t the client hack into and download that asset now that its replicated to their client?

I was also wondering with UIā€™s and other things

I just didnā€™t fully understand what counts as server and is (protected) only parented to a server service? cloned or created by and/or within a server service by a server script?

1 Like

This is something I want to know to hopefully someone can tune in on this

Once they are moved to Workspace, they are replicated which also means they arenā€™t safe no longer. You should still store maps on the server though.

@Sub2_AlteredMindYT

Iā€™m already doing this sounds good thanks for the info

Keeping maps in ServerStorage can keep your assets safe to an extent.
It can also improve the quality of the network connection of the clients since the maps arenā€™t always loaded in.

For example, your game has an upcoming live event and you have a special map for it.
You donā€™t want to update your game to include the special map when the time comes since updating will only work on newer servers. Older servers wonā€™t be able to witness the live event to its full extent because of this.

What you can do is store the live event map on the server, and when the timer hits 0, you can parent it to the workspace. No exploiter will be able to see that live event map until itā€™s replicated to the workspace which at that point everyone will be able to see it anyway.

Now, as this post said, exploiters have full control over their clients. Meaning, anything replicated to them, they can steal. If you parent a map or a part to the workspace from ServerStorage, it will be replicated to all clients, thus allowing exploiters to steal it.

ServerScriptService and ServerStorage are two services that arenā€™t replicated to clients and are only accessible from the server. Anything under those two services will be impossible to access by exploiters unless thereā€™s a backdoor.

Iā€™m working on a private project so I think Iā€™ll be safe from backdoors.

Thanks for the info (I knew all of this) but Iā€™m glad I can hear the information from another person, because I didnā€™t know for sure.

Iā€™ve kept my maps and any assets possible in server storage, along with not trusting the client over remote events, etc

1 Like