So what’s better, hitbox modules on ReplicatedStorage or ServerStorage, since I’m making a game that use both cilent and server hitbox
2 Likes
Put it in rep storage. Clients can’t access server storage (because it’s server storage) but replicated storage can be accessed by both server and client.
1 Like
That’s what i said but more explained - .-
1 Like
By the way, is cilentsided hitbox vulnerable to exploits since the cilent can just require the module and use it
Yes, Client sided hitbox are vulnerable to exploits.
You made it here first to solve so 
Obviously, so you’re gonna have to take steps to stop exploiters from being able to require it
You have the wrong idea of how to go about preventing exploiters.
If any script is through a local script in the client services or in replicated storage, it WILL get exploited. There’s no way to make countermeasures actually work since exploiters can just change it.
Serverstorage or serverscriptservice has no way of exploiting the values, all that data is stored on roblox computers, not the clients computer. All that exploiters can do is change the numbers being sent to the server, but then again you can make countermeasures and they WILL work.
Anything dealing with important values or interacting with players shall only be done on server no matter what.
1 Like
Thanks for the correction. I’m like rubbish at exploit prevention and optimisation so I’ll keep this in mind, thanks 
2 Likes
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.