I am a former exploiter and own synapse. Most exploiters are children so you only need to really worry about speed and fly hacks, however, there are more experienced exploiters that can manipulate remotes and network ownership which will completely ruin your game. Thanks for publishing this video because I myself did not know about the network ownership one.
I also own a couple of exploits including Synapse X (sadly my router blocked it :sad_face:) and I know about network ownership and how it works. I don't know how an exploiter would forget about part:SetNetworkOwner(nil) because devs use that alot.
I totally agree, he turned this scenario from a big and scary thing into a simple and easy thing. I hope I start seeing less of these remote vulnerabilities in good games.
Exploiters are easy to deal with when I am in the game, I just delete them from the game and run a script on the server that will constantly check if they are in game and delete them from it, But if I am not in the game, Those filthy exploiters can get into mischief. This tutorial was useful for child-proofing my games from the fifthly darn kids who try to exploit.
you have outdone yourself once again, while most "hackers" are just script kiddies there are a few you gotta worry about so this video of yours is perfect to make games safer while also teaching new coders how it happens in the first place, well done and great job, keep it up.
Your tutorials that go over various aspects of lua scripting are the most helpful that I could find and I've learned a lot through your previous tutorials to where I am confident that I could start a little project with the knowledge I have gathered. Thank you so much.
In my experience a solid portion of exploiters are teens/adults with depressing lives who waste their disposable income gaining unfair advantages over children because it gives them some semblance of control and power in their worthless lives. The reason I know this is because I was there once when I was 18-20 and I am still in many of their communities on Discord. NEVER underestimate the passion of greed and toxicity behind the exploit community. Imagine your defensive layers around your game are like a cheese grater, and the exploits are the cheese. No matter how small you make those holes in the defense, the exploiters will tirelessly work towards squeezing through the cracks and microscopic holes. Never stop updating your game, and always stay in the loop and keep up with exploit communities. Stay safe gamers, peace.
A majority of exploiters who do script their own stuff and know what they're doing are definitely an older audience (Older teens to adults). They also make up like 0.1% of the general roblox exploiting community as a whole. Although a huge number of them are not living depressing lives at all. Often times we just exploited because we liked trolling. Another thing to note is a lot of games player bases are entirely built upon exploiters. For example Fencing, Dollhouse Roleplay, Twisted Murderer, Jailbreak, Etc. I primarily scripted because it was a fun way to see how roblox's engine works and how to exploit that. I totally agree that exploiters will find any little thing to exploit and bring destruction to any game. I quit exploiting earlier this year due to personal reasons and of-course, the upbringing of byfron.
It's good to note that you can actually throw in dummy args in your remotes. Catches a LOT of people. E.G. Instead of completely removing the item price argument here, we could catch exploiters by keeping it, and comparing it to the itemPrices table. If the price isn't the same, then obviously, someone messed with the remotes. Little things like this add up a LOT. In one of my games, I caught a few people just by letting them think they could manipulate the force behind knockback. And, as the game gets more complex, the anticheat becomes easier to bypass. Be prepared to look through a lot of randomly released scripts when you make a release! Note: Exploiters will happen. Don't spend too long fighting them, your game's release is more important!
this is a minor inconvenience for whoever is trying to exploit in your game - to be honest i dont think this is a good idea as you'd have to actively update 2 scripts and one mistake in one could cause your some of your playerbase to be flagged - in my opinion its never right to kick the cheater as to restricting their access.
@@yesil_hiyar7335 I mean, I'd never kick an exploiter either. Also, it may be a minor inconvenience but it has always flagged hundreds of exploiters on my end.
I'm glad you made this video for people who don't really know how exploiting works. I used to not understand but once I started using exploits in my own game I realized that a lot of my games were insecure and had remotes that could manipulate datastores, spawn admin-only items, etc.
@@flowckey well the anti speed cheat part of the script easily removes teleporting off the list, and if you do spawn instances on the client side, the server wont count it because the script is server-side. sorry that im responding after 2 weeks.
@@Blade3337R I do believe that spawning instances on client would be counted as in Jail Break but I think the falling mechanism would take that in charge. No worries, I also don't check my notifications often.
These do work, but the floating check will flag on high ping players, yes you can whitelist that but then cheaters can use blink to hold network packets, another problem is if the player's game is like tower of hell, falling down will flag, vehicles will flag it. There is also a very knew method that it overpowered, but I won't mention it as most regular exploiters don't have access to this method.
Simple way to check to see if someone is falling or not! VELOCITY and CFRAMES! Both on the Y axis. Check if they are floating using racyast and then time that. If they're hovering over a part longer than a couple seconds and their velocity behavior is acting off then kick them for suspicious client behavior.
bookmarking for later on in my development; thank ya for pointing these things out! i had a relative grip on how speed/fly exploitation prevention worked, but never knew about Network Ownership and such. genuinely helpful, dude!
As a former member of rblx modding & exploiting community with the roles of “pen tester” traditional exploits can be very dangerous but a lot of traditional exploiters that manipulate the client are “script kiddies” with either no or very little knowledge of lua and how the environment works when unloaded or loaded/running, more experienced exploiters tend to exploit things like back doors (despite back doors not being considered exploits under Roblox’s TOS we will refer to them as exploits), backdoors can’t be very harmful too a game for reasons that likely don’t need to be explained
For the anti-speed part. One way to make jumping not affect the speed is to calculate the distance between the two positions, but using only the X and Z coordinates, and not the Y. You can do this using the good ol distance formula from Algebra class :P The distance formula calculates the distance between 2 points on an X,Y plane, but you can treat an X,Z plane the same way.
As someone that has been building a game, this system is absolutely amazing as a case study and something to build upon and I am highly supportive of this video except for in the case of reverse engineering. Wouldn’t it be better to host this in a module and pass a script to the player so then if they remove it you can import it again with a small loop and a check?
As an intermediate coder, it's important to secure your game if you have an admin command bar where admins, moderators or developers can type code. To use loadstring in ServerScriptService, be cautious: if an exploiter gains access, they can make server changes. To keep it safe, use a remote event to send commands to the server, where only trusted players (like developers, admins and moderators) are allowed to execute the code.
you can create 2 new positions and ignore the y value in the speed check completely like local v1 = Vector3.new(root.Position.X,0,root.Position.Z) local v2 = Vector3.new(lpos.Position.X,0,lpos.Position.Z) And get the distance with those (this will fix the spikes in speed when jumping/falling and allows for lower walkspeed detection)
I develop hack clients as a way of learning (not distributing) and although I sometimes use it in some games to check if it works, I send it to the game owners once I'm done with it to get it patched.
I really wish he would make a seried expanding on this anti-cheat system, id love to hang around and learn more about it and also create one along the way
im interested in game development and i didnt want to start coding it and working on models etc without knowing it was secure first, thank you for your video
there are ways to spoof floor material, but since most exploiters are skids they most likely wont know how to bypass it. if you want even more detection you can combine the raycast method and floor material in the video for more security, but it is slightly more tricky to do.
For the speed check, surely you could just ignore the y axis when checking the distance moved. You do DistanceMoved = (Vector3.new(lastposition.x, 0, lastposition.z - Vector3.new(root.position.x, 0, root.position.z)).magnitude?
How to secure your game against exploiters Make the game a “exploit simulator” with a built in “exploit” which mimics most actual exploits so everyone is always at equal starting level
yeah. plus, roblox is not exactly notorious for having great server connections. i think the best solution would be to not serve any bans for it, but rather save the position where they last made contact with the ground and if it goes over that 3 second buffer then set them back to the ground.
this is still exploitable since you use :getcharacter and use primary parts, the exploiter can touch it then immediantly delete their humanoidrootpart (primarypart) or set the primarypart of their character to nil which will completely break your script
AND the anti-speed can still be exploitable since there are certain exploits that detach your hmr and replace it with a fake one that still allows your character to move then it slowly brings the hmr towards it kinda like a lag-back
didn't roblox add an option where deleting any parts of your character would not register to the server? that would be useful to include in the video, since the thing you just said would not work anymore
@@bolekinds no, since its your character you can control it delete any of your bodyparts and such and will replicate to the server since you own your character all of the time until you die, and no detaching your rootjoint wont kill you
@@bolekinds I'm not sure what that change did, but I do know that "invis-flinging" was patched sometime recently by Roblox. Try it and the spinning brick doesn't spin and just…falls to the floor.
Hello GnomeCode! I really appreciate all the resources that you've provided to us, and it's definitely helping me become more of a seasoned developer, but I wanted to ask about an issue that comes with the AntiExploit. All the tutorials from this series have gone into one game I have made where I test and store these scripts for reference in future projects. In the video "The Dark Arts of Troubleshooting," you go over fixing and explaining out the process of finding and troubleshooting errors within a trampoline script. Well with that same trampoline, I am testing the AIR TIME feature and have found that I am getting rubber banded to my originalGoodPosition. If there is any way that I could overcome this, then I would greatly appreciate it as I am still learning and do not have a solution yet for on-the-spot problems. Thank you!
a good punishment would be after u tp them back to the good pos then there will increase a value called warning and then if they have 3 warnings and do it again you ban them
I think increasing the number of warnings (to 5 or something) would be a good idea, in case there are any false positives. I've read about a genius way to punish players on the DevForum; After an exploiter sets off the anti-cheat enough times, rather than banning them (since they can easily return on an alt. account), instead mess with them. Add random delays to remote events, disable collisions at random, and make their experience frustrating. 😈
@@XaneMyers i mean, delayed remote events, and collisions are client sided, unless the collisions are for a single player game, which then can still be avoided by just turning it back on constantly So like, yeaaaaaaaaaa
Let’s say your game had something that changed the player’s walkspeed, in that case, you shouldn’t increase the max speed, but instead adapt it into the code, to check if that player has that thingy that changes their speed, correct?
pov: u tp 2 times at 0.1 delay and u get teleported back where u actually wanted to tp or the anticheat just has an delay so u still can grab all coins XD
If I could I would just 100% the American Girl event game because I swear some of those Doll Stars aren't even placed into the world yet so it's literally impossible to find them all to get the badge for doing so. Plus the in-game clothes are cute and I want more despite not getting to have them outside of the game.
can you make some sort of ai that grabs you and damages you? (comes with a animaton) i want a ai like that for a zombie game like biting zombies or whatever
I know this is a big ask but could you make a video about redoing some of the tower Defense code as I cannot get past a certain part in the tutorial as the collision group code and body gyro keeps saying it is deprecated
the only issue here is that you used a raycast continuously on the server which can be expensive, a much easier way is Humanoid.FloorMaterial == Enum.Material.Air
Thank you so much for this video! I was so tired of these dumb gen alpha kids who think they're pro hackers or something trying to cheat in my game. It was so annoying! Thank you for helping me fix this :)!!!!!!!
Imagine writing certain code so that if some kid uses speed hack scripts, he gets a cinematic cutscene shown to the whole server that he cheated and that he's bad at cheating, blows him up and then bans him permanently. Not too good with code so dunno if it's possible.
Yeah. If your game teleports players, you'll have to either set a flag on the server that temporarily disables the anti-cheat right before another server script moves them, or put the teleporting function inside of the anti-cheat script so it can update its variables to "ignore" the teleport.
it will ,but you can make the anticheat ignore the player for like 0.1 seconds while its teleporting while the anti cheat still sets the lastgoodpos,etc by using an bool value.
For server-owned player character, does the client send movement data to the server? If so would it be possible to tween the character or have a fake-simulated client character that lerps with the server-character and have the actual player character be a invisible part?
@@chibisayori20 The client is only able to send W,A,S,D,Spacebar,etc movements, Anything other, like physics handling, is what server does. oh and server does the movement itself, Thats whatever it does
@@alexskorpik11play79 wait so it is server authoritive, it just roblox gives network ownership to the client so movement is smooth/there isn't delay when server checking physics, it just goes: oh, player moved, updating it's position to every client
@@chibisayori20 let me explain: so its basiclly like client moved so it fires sort of a remote event [no it doesnt , im just lazy to dig into the client files] which tells the ser ver to update it, thats why sometimes players complain about hitbox, because theres a small delay between client and server updating. client handles physics,etc basiclly.
@@alexskorpik11play79 if you force the network owner of the player's character to server, client can still move (since it sends input data after all) but will wait more because server needs to check if physics are correct, vs if it was client owned physics, then server doesn't do much validating. No idea about Hitboxes tho, thought those we're just .Touched events
I understand the speed anticheat but what if your game has some ability which lets you go like 100 s/ps? How will the script detect exploiters in that situation?
hey i've been trying to find like a video for a jump pad that changes your gravity and you can walk on ceiling but none has made a video plus i had to remove couple items from my game like a jump orb for a obby and devforum is no help bc i cant post at all it could really help my game and which you already did with the 2d camera
Best way to detect if someone is jumping or falling is to check the character primarypart velocity. For example when you jump your velocity on the Y axis changes, same with falling.
For npcs how would I go to manage make it smooth / not exploitable should I just make a part on the server and for every other client I render for them
Hello! I have one question, If I hide a client script in server script service, exploiters will see the script by using dark dex or orther explorer? Also great video!
I am a former exploiter and own synapse. Most exploiters are children so you only need to really worry about speed and fly hacks, however, there are more experienced exploiters that can manipulate remotes and network ownership which will completely ruin your game. Thanks for publishing this video because I myself did not know about the network ownership one.
s
it is true most exploiters are script kiddies
I also own a couple of exploits including Synapse X (sadly my router blocked it :sad_face:) and I know about network ownership and how it works. I don't know how an exploiter would forget about part:SetNetworkOwner(nil) because devs use that alot.
Ye that's what I was thinking, but maybe it's better to make a strong anti-cheat because experienced exploiters will eventually get in your game.
Ur cringe 😂
Experienced coder here, great way of explaining a not all too easy subject for learners in a funny story. Keep it up
I totally agree, he turned this scenario from a big and scary thing into a simple and easy thing. I hope I start seeing less of these remote vulnerabilities in good games.
It’s kinda the most easy type of anticheat to make I’ve ever seen lmao and it never was hard to do something like that tf ?
You mean scripting?
@@_Sickk scripting = coding in this case
Exploiters are easy to deal with when I am in the game, I just delete them from the game and run a script on the server that will constantly check if they are in game and delete them from it, But if I am not in the game, Those filthy exploiters can get into mischief. This tutorial was useful for child-proofing my games from the fifthly darn kids who try to exploit.
you have outdone yourself once again, while most "hackers" are just script kiddies there are a few you gotta worry about so this video of yours is perfect to make games safer while also teaching new coders how it happens in the first place, well done and great job, keep it up.
Yeah, as someone who has never touched roblox studio and exploiting it's interesting
Yeah all it takes is one experienced programmer to reverse engineer your game and release a script for the masses
Your tutorials that go over various aspects of lua scripting are the most helpful that I could find and I've learned a lot through your previous tutorials to where I am confident that I could start a little project with the knowledge I have gathered. Thank you so much.
Thank you, that's great to hear. Best of luck with your future developing!
@@GnomeCode Thanks! I will keep the luck with me!
In my experience a solid portion of exploiters are teens/adults with depressing lives who waste their disposable income gaining unfair advantages over children because it gives them some semblance of control and power in their worthless lives. The reason I know this is because I was there once when I was 18-20 and I am still in many of their communities on Discord.
NEVER underestimate the passion of greed and toxicity behind the exploit community. Imagine your defensive layers around your game are like a cheese grater, and the exploits are the cheese. No matter how small you make those holes in the defense, the exploiters will tirelessly work towards squeezing through the cracks and microscopic holes. Never stop updating your game, and always stay in the loop and keep up with exploit communities. Stay safe gamers, peace.
Wow you motivated me to secure my scripts even more now. Danke!
A majority of exploiters who do script their own stuff and know what they're doing are definitely an older audience (Older teens to adults). They also make up like 0.1% of the general roblox exploiting community as a whole. Although a huge number of them are not living depressing lives at all. Often times we just exploited because we liked trolling. Another thing to note is a lot of games player bases are entirely built upon exploiters. For example Fencing, Dollhouse Roleplay, Twisted Murderer, Jailbreak, Etc. I primarily scripted because it was a fun way to see how roblox's engine works and how to exploit that. I totally agree that exploiters will find any little thing to exploit and bring destruction to any game. I quit exploiting earlier this year due to personal reasons and of-course, the upbringing of byfron.
It's good to note that you can actually throw in dummy args in your remotes. Catches a LOT of people. E.G. Instead of completely removing the item price argument here, we could catch exploiters by keeping it, and comparing it to the itemPrices table. If the price isn't the same, then obviously, someone messed with the remotes. Little things like this add up a LOT. In one of my games, I caught a few people just by letting them think they could manipulate the force behind knockback.
And, as the game gets more complex, the anticheat becomes easier to bypass. Be prepared to look through a lot of randomly released scripts when you make a release!
Note: Exploiters will happen. Don't spend too long fighting them, your game's release is more important!
Now im curious what you did with those exploiters.
once you catch them you can do whatever you want until you ban them...
this is a minor inconvenience for whoever is trying to exploit in your game - to be honest i dont think this is a good idea as you'd have to actively update 2 scripts and one mistake in one could cause your some of your playerbase to be flagged - in my opinion its never right to kick the cheater as to restricting their access.
@@yesil_hiyar7335 I mean, I'd never kick an exploiter either. Also, it may be a minor inconvenience but it has always flagged hundreds of exploiters on my end.
@@LogoDev that’s fair enough but it just seems like it’d be more messy to send dummy arguments
I'm glad you made this video for people who don't really know how exploiting works. I used to not understand but once I started using exploits in my own game I realized that a lot of my games were insecure and had remotes that could manipulate datastores, spawn admin-only items, etc.
He forgot to talk about teleporting
And spawning instances on client
@@flowckey well the anti speed cheat part of the script easily removes teleporting off the list, and if you do spawn instances on the client side, the server wont count it because the script is server-side. sorry that im responding after 2 weeks.
@@Blade3337R I do believe that spawning instances on client would be counted as in Jail Break but I think the falling mechanism would take that in charge. No worries, I also don't check my notifications often.
FYI for newcomers: Enum.RaycastFilterType has changed: Replace Blacklist with Exclude, and Whitelist with Include.
you make the best development content gnomecode!
there is suphi kaner too that does in depths tutorials. You should totally check it out
These do work, but the floating check will flag on high ping players, yes you can whitelist that but then cheaters can use blink to hold network packets, another problem is if the player's game is like tower of hell, falling down will flag, vehicles will flag it. There is also a very knew method that it overpowered, but I won't mention it as most regular exploiters don't have access to this method.
Simple way to check to see if someone is falling or not! VELOCITY and CFRAMES! Both on the Y axis. Check if they are floating using racyast and then time that. If they're hovering over a part longer than a couple seconds and their velocity behavior is acting off then kick them for suspicious client behavior.
@@40kq hey that means i place a high down velocity and teleport boom or tween.
bookmarking for later on in my development; thank ya for pointing these things out! i had a relative grip on how speed/fly exploitation prevention worked, but never knew about Network Ownership and such. genuinely helpful, dude!
Network ownership manipulation is pretty much patched for the most part.
As a former member of rblx modding & exploiting community with the roles of “pen tester” traditional exploits can be very dangerous but a lot of traditional exploiters that manipulate the client are “script kiddies” with either no or very little knowledge of lua and how the environment works when unloaded or loaded/running, more experienced exploiters tend to exploit things like back doors (despite back doors not being considered exploits under Roblox’s TOS we will refer to them as exploits), backdoors can’t be very harmful too a game for reasons that likely don’t need to be explained
interesting... thank you for your tutorials, they helped me alot.
Cheers!
@@GnomeCode can you put in the description the antiexploit code mine doesnt seem to be working
For the anti-speed part. One way to make jumping not affect the speed is to calculate the distance between the two positions, but using only the X and Z coordinates, and not the Y. You can do this using the good ol distance formula from Algebra class :P The distance formula calculates the distance between 2 points on an X,Y plane, but you can treat an X,Z plane the same way.
i'll just make exploiters listen to thick of it until they stop
As someone that has been building a game, this system is absolutely amazing as a case study and something to build upon and I am highly supportive of this video except for in the case of reverse engineering.
Wouldn’t it be better to host this in a module and pass a script to the player so then if they remove it you can import it again with a small loop and a check?
Hello gnomecode! Currently at tower defense serie, ur tutorials are so good! Keep it up!
Hey, I have a tip for you Gnome: when making functions and declaring variables, use a colon to set its data type. That way, the autocorrect works.
As an intermediate coder, it's important to secure your game if you have an admin command bar where admins, moderators or developers can type code. To use loadstring in ServerScriptService, be cautious: if an exploiter gains access, they can make server changes. To keep it safe, use a remote event to send commands to the server, where only trusted players (like developers, admins and moderators) are allowed to execute the code.
I think i recommend adding a warning system to count like 5 times, if they are caught more than that they get kicked
you can create 2 new positions and ignore the y value in the speed check completely like
local v1 = Vector3.new(root.Position.X,0,root.Position.Z)
local v2 = Vector3.new(lpos.Position.X,0,lpos.Position.Z)
And get the distance with those (this will fix the spikes in speed when jumping/falling and allows for lower walkspeed detection)
I develop hack clients as a way of learning (not distributing) and although I sometimes use it in some games to check if it works, I send it to the game owners once I'm done with it to get it patched.
one of the few cases where i'm okay with exploiting
It's okay to admit that you just make Ui and use public API's. We all know you don't know how to properly construct an actual executor.
You're a real one.
i make literal games out of these tutorials, really helpful, i can understand it alot, fun to watch, all of the code actually works.
I really wish he would make a seried expanding on this anti-cheat system, id love to hang around and learn more about it and also create one along the way
im interested in game development and i didnt want to start coding it and working on models etc without knowing it was secure first, thank you for your video
16:25 why not use Humanoid.FloorMaterial ~= Enum.Material.Air for ground checks?
there are ways to spoof floor material, but since most exploiters are skids they most likely wont know how to bypass it.
if you want even more detection you can combine the raycast method and floor material in the video for more security, but it is slightly more tricky to do.
@@Moonzyss_ As far as I am concerned, spoofing floormaterial has never been a big thing because they all got patched a long while ago.
Thanks for the tutorial keep up the good work love your vids man
Gnomecode is the real legend that will always make us happy :)
Great video as normal man! 😀
Yessss I needed this
For the speed check, surely you could just ignore the y axis when checking the distance moved. You do
DistanceMoved = (Vector3.new(lastposition.x, 0, lastposition.z - Vector3.new(root.position.x, 0, root.position.z)).magnitude?
Thank you this is pretty useful keep up the work.
Ok but how does Billy do this when he doesn’t have access to the studio server
billy mc'mischief is a piece of work
How to secure your game against exploiters
Make the game a “exploit simulator” with a built in “exploit” which mimics most actual exploits so everyone is always at equal starting level
Thanks man this helped in my doors recreation you made a tutorial for :)
About Anti "fly". If player froze client or get lag spike, he/she will tagged as cheater
I mean , we dont want tab glitchers
yeah. plus, roblox is not exactly notorious for having great server connections. i think the best solution would be to not serve any bans for it, but rather save the position where they last made contact with the ground and if it goes over that 3 second buffer then set them back to the ground.
*Lumber tycoon owner taking notes*
Byfron Update seems made this Tutorial High-Priority
I have a request for a series what about a game similar to Pokémon because most games get banned so a customized theme similar to Pokémon?
I'm just commenting for the algorithm. Another great video!
Thanks for that!
Gnome code!!!@ Love your tutorials man
the doors tutorial: imma go get some milk real quick
this is still exploitable since you use :getcharacter and use primary parts, the exploiter can touch it then immediantly delete their humanoidrootpart (primarypart) or set the primarypart of their character to nil which will completely break your script
also you could do player:CharacterAppearanceLoaded to wait until the player character loads
AND the anti-speed can still be exploitable since there are certain exploits that detach your hmr and replace it with a fake one that still allows your character to move then it slowly brings the hmr towards it kinda like a lag-back
didn't roblox add an option where deleting any parts of your character would not register to the server? that would be useful to include in the video, since the thing you just said would not work anymore
@@bolekinds no, since its your character you can control it delete any of your bodyparts and such and will replicate to the server since you own your character all of the time until you die, and no detaching your rootjoint wont kill you
@@bolekinds I'm not sure what that change did, but I do know that "invis-flinging" was patched sometime recently by Roblox. Try it and the spinning brick doesn't spin and just…falls to the floor.
Woah teaching people how to script and teaching people how to defend their games from scripters, never thought I’d see such luxury
Imma add Billy Mischief to my game lmao
Hello GnomeCode! I really appreciate all the resources that you've provided to us, and it's definitely helping me become more of a seasoned developer, but I wanted to ask about an issue that comes with the AntiExploit. All the tutorials from this series have gone into one game I have made where I test and store these scripts for reference in future projects. In the video "The Dark Arts of Troubleshooting," you go over fixing and explaining out the process of finding and troubleshooting errors within a trampoline script. Well with that same trampoline, I am testing the AIR TIME feature and have found that I am getting rubber banded to my originalGoodPosition. If there is any way that I could overcome this, then I would greatly appreciate it as I am still learning and do not have a solution yet for on-the-spot problems. Thank you!
Is the DOORS Tutorial abandoned?
a good punishment would be after u tp them back to the good pos then there will increase a value called warning and then if they have 3 warnings and do it again you ban them
I think increasing the number of warnings (to 5 or something) would be a good idea, in case there are any false positives. I've read about a genius way to punish players on the DevForum; After an exploiter sets off the anti-cheat enough times, rather than banning them (since they can easily return on an alt. account), instead mess with them. Add random delays to remote events, disable collisions at random, and make their experience frustrating. 😈
@@XaneMyers i mean, delayed remote events, and collisions are client sided, unless the collisions are for a single player game, which then can still be avoided by just turning it back on constantly
So like, yeaaaaaaaaaa
Thanks gnome code! I'm working on a SCP horror game with acp's! I'm still working on it. I hope it's good!
Yet again gnomecode knows just what we need at the right time, thanks gnomecode :) (I actually really needed this so thanks)
Those 30 dislikes are from exploiters lmao
Let’s say your game had something that changed the player’s walkspeed, in that case, you shouldn’t increase the max speed, but instead adapt it into the code, to check if that player has that thingy that changes their speed, correct?
like how doors does it. yes.
pov: u tp 2 times at 0.1 delay and u get teleported back where u actually wanted to tp or the anticheat just has an delay so u still can grab all coins XD
also one way they can do something is trough grabbing themselves and going lightspeed since they are always network ownership of themselves
@GnomeCode I was just wondering are you done with the doors game
Damn excellency as always
Gnome code, are you still doing the Doors series, if so, can you add screech
That's awesome. Thank you for informing me about the network owner stuff, didn't know that, will certainly be useful!
Billy McMischief is the hero I never knew I needed, lol. Too bad I'm on mobile and can't do anything he did.
If I could I would just 100% the American Girl event game because I swear some of those Doll Stars aren't even placed into the world yet so it's literally impossible to find them all to get the badge for doing so. Plus the in-game clothes are cute and I want more despite not getting to have them outside of the game.
well uhm actually there are mobile exploits 🤓
can you make some sort of ai that grabs you and damages you? (comes with a animaton)
i want a ai like that for a zombie game like biting zombies or whatever
how do you handle teleporting and speed buffs with the anticheat
I know this is a big ask but could you make a video about redoing some of the tower Defense code as I cannot get past a certain part in the tutorial as the collision group code and body gyro keeps saying it is deprecated
I saw someone talk about this on your discord server. And you even responded. I wonder if that’s why you made the video
I was doing an anticheat for my game today ima add some of this thx gnome!!!
something i always do is sorta double check, once on the server, once on the client. its a pretty efficient way to weed out basic script kiddies
I'll definitely use this video, but can you also make a video on console compatibility please. If not do you know any videos that would help me.
the only issue here is that you used a raycast continuously on the server which can be expensive, a much easier way is Humanoid.FloorMaterial == Enum.Material.Air
i use a custom system called CID and CMSG.
cid just stands for client id, and cmsg is custom message.
As a noob dev, I ain't even put any arguments in my remotes, so I'm totaly safe 😎
Thank you so much for this video! I was so tired of these dumb gen alpha kids who think they're pro hackers or something trying to cheat in my game. It was so annoying! Thank you for helping me fix this :)!!!!!!!
Imagine writing certain code so that if some kid uses speed hack scripts, he gets a cinematic cutscene shown to the whole server that he cheated and that he's bad at cheating, blows him up and then bans him permanently. Not too good with code so dunno if it's possible.
more then possible >:D
@@X_Fire_fox_ff_D hell yeah
Curse you, Billy McMischief!
this made me laugh too much
Hey Gnome code , will you continue the Doors series?
are you still going to do tutorials on how to make games ?
been subbed since 20k!
alternative title : how to not become prison life
Thats accurate. This game suffers
cool one gnome!
I have a question: if I have a teleport part in the game, will the speed/fly anti cheat kick the player falsely?
Yes obv it will kick
It would, but in the teleport script you could add another line that sets the lastGoodPosition to be the teleporter exit.
Yeah. If your game teleports players, you'll have to either set a flag on the server that temporarily disables the anti-cheat right before another server script moves them, or put the teleporting function inside of the anti-cheat script so it can update its variables to "ignore" the teleport.
it will ,but you can make the anticheat ignore the player for like 0.1 seconds while its teleporting while the anti cheat still sets the lastgoodpos,etc by using an bool value.
"casually gives a descriptions for exploiters to debunk"
Thanks. Not like I have players in my game for there to be hackers though.
Oh, my head hurts😵💫
Hey just wondering when you are gonna make part 8 of your doors series?
1 year later - It's finally here!
NOOO!!! Billy!! you was suppossed to be the good kid who always does not use /e claim On every roblox marketplace ítem!!!
GnomeCode delivers!
You can set the player's network ownership to nil to make it server-owned and more difficult to move
For server-owned player character, does the client send movement data to the server? If so would it be possible to tween the character or have a fake-simulated client character that lerps with the server-character and have the actual player character be a invisible part?
@@chibisayori20 The client is only able to send W,A,S,D,Spacebar,etc movements, Anything other, like physics handling, is what server does. oh and server does the movement itself,
Thats whatever it does
@@alexskorpik11play79 wait so it is server authoritive, it just roblox gives network ownership to the client so movement is smooth/there isn't delay when server checking physics, it just goes: oh, player moved, updating it's position to every client
@@chibisayori20 let me explain: so its basiclly like client moved so it fires sort of a remote event [no it doesnt , im just lazy to dig into the client files] which tells the ser ver to update it, thats why sometimes players complain about hitbox, because theres a small delay between client and server updating. client handles physics,etc basiclly.
@@alexskorpik11play79 if you force the network owner of the player's character to server, client can still move (since it sends input data after all) but will wait more because server needs to check if physics are correct, vs if it was client owned physics, then server doesn't do much validating. No idea about Hitboxes tho, thought those we're just .Touched events
i would rather slow them if speed hacking
another way you can replicate exploits with studio is using the command bar (in view tab)
@GnomeCode di you make this video because of that one guy who complained about hackers?
I clicked on the video as soon as I saw it thank you
I understand the speed anticheat but what if your game has some ability which lets you go like 100 s/ps? How will the script detect exploiters in that situation?
hey i've been trying to find like a video for a jump pad that changes your gravity and you can walk on ceiling but none has made a video plus i had to remove couple items from my game like a jump orb for a obby and devforum is no help bc i cant post at all
it could really help my game and which you already did with the 2d camera
When falling speed is going to like 200-300
What’s this game called that he’s testing in
can't I just use the x/z speed than total speed to counter-act the cheat detection when jumping or falling?
Best way to detect if someone is jumping or falling is to check the character primarypart velocity. For example when you jump your velocity on the Y axis changes, same with falling.
For npcs how would I go to manage make it smooth / not exploitable should I just make a part on the server and for every other client I render for them
You can simplify this by just checking the humanoids floor material instead of raycasting, if it ~= air then they are touching the ground.
But what about if they are jumping
Hello!
I have one question,
If I hide a client script in server script service, exploiters will see the script by using dark dex or orther explorer?
Also great video!
If you put a local script on the server it's no longer a local script and won't work
@@horse_loyal9740 ok, tyyy
local scripts only work when: they're inside replicatedfirst/player_character/playergui/backpack and or is triggered by remoteevent.OnClientFired
Can you make a tutorial for a game similar to my supermarket?
Exploits work via a script being injected into the remote control system. Clients like krnal use this