I am in the process of organization and testing before the release of my game. I am fairly certain that now is the best time for me to look into anti-exploiting. Could I get any helpful feedback regarding where I should begin, what I should know and what to do in order to make my game as protected as possible. |
–So far I have to the best of my ability maintained server-sided checks and have taken full advantage of remote events in almost everything. But I also understand that there is more that can be done, just the matter of what is best/efficient and what I can do.
There are a lot of resources and threads available addressing this question. You can find them using the search feature.
Outside of implementing a secure client/server modal (authoritative server, sanity checks, type checking, etc) and possibly implementing server-side checks to prevent physics based exploits, not much. I do want to take the time to stress the importance of static analysis when it comes to using third party plugins and models though, as these may (and often do) contain malicious code then which gets executed in your game/dev environment.