I’ve been told that exploiters can freely modify client, but not the server. (Not saying they can’t, just not as easily as the client.(?))
But why?
Why is modifying the client so easy, but not the server?
What makes it so difficult for the server to be modified directly?
Please try to explain in simple terms. (since i know close to nothing about how exploits work)
put here because i don’t know any better channels
all client data stored on local machine, while server can only be accessed by certain API like RemoteEvent.
As example, Player’s Character exists on both client and server, but due to how engine works, player controls position of his character from his machine, thats why speedhacks exists in any games.
On other side, as example there will be IntValue timer, if client try to change it value, nothing will happen, because server doesn’t expect to client change any values.
Remote events are mostly the way how games get exploited, due to insecurity. Long ago engine had some exploits, but they are mostly fixed
But why can’t clients (exploited ones) “force” the server to change the values, bypassing the server’s rejection of them?
Servers have the same security as Roblox. The reason why it’s so hard for them to access anything on the server is because they are only injecting code into a client. The server never trusts anything the client says, hence why they can’t change it.
The client is the exploiters computer. Your able to modify your own computer. You cannot modify your friends computer with your computer so easily. On the server, it’s a whole different machine. You cannot modify a machine without having it’s passwords or correct files. The server doesn’t share any of it’s information.
Its like trying to modify someone’s brain, you cannot. Your brain is your brain you can’t just change what someone is thinking about unless your using some brain link stuff. The server is pretty much locked from being accessed to. Which is why we use ReplicatedStorage to store data for the Server and Client to see.
To be able to modify the server, you must use remote events. Like @HafuPlay said above my post, he insisted not to make it so easy to change data.
There are only certain things that servers will trying to get fron client (like with character) there is no way to force anything on server
You just cannot. Forcing the server is literally impossible, unless you go underground and change some code with the actual server object.
I’m starting to understand a little better, thanks a lot for the clarification! (although obviously i’m far from fully understanding)
Oh, so that explains it. I’ve always wondered why hackers can’t just force the server to do something, regardless of rejection.
Nice to know that you understand. If you can, please click the solution box so that the topic may be deleted from the New tab and help others with their same problem.
On any comment that helped you.
Basically, when playing any game on roblox, the server is a roblox owned computer that will simulate the place and add clients (like you) in it. The only thing clients can do is send stuff to the server that they want to be done (like movement, chat, remote events, and much more) and the server receives this information and does what roblox told it to do (translate it into roblox lua code) and what you told it to do in your server scripts.
The only way for a client to actually modify the server would be to physically locate the computer and then understand how to modify it… which most likely won’t happen.
This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.