How do I prevent hackers from enabling UI?

There is no way that I know of, Anything local can be altered by the client.

Hi, if you don't know about Client-Server and filtering enable I will help you. Exploiters will only be able to put the GUI on their screen, and the effects only result on their screen, so there is nothing to worry about. This is because of the filtering enabled property which doesn't replicate things from the client to the server, only from the server to the client. And there is currently no way the exploiter could view the server's perspective.

I currently do not know how to prevent hackers from exploiting through their own client, but there should not be a lot of damage, unless it is an inappropriate or personal GUI, the exploiter could take a screenshot. That would be the worst of causes.

I don't think you should worry since even if the hacker changes it via the client it won't change for everybody else only for him and no server scripts will work. As long as your game has filtering enabled on. However for a local script there is no way to stop changes being made. So if you are still worried put it in a script not local script. The hacker can only really annoy himself.

I have seen some people clone UI from some other place like ReplicatedStorage into PlayerGui when they join if they meet certain requirements. Although this doesn't completely prevent them from getting the UI (don't really know how effective this is either), it should make it so they cant just click visible on the UI and see it. Like what everyone else said, there really is no way to prevent exploiters from showing the frames but as long as your remotes (if you are using any for the ui) are protected you should be fine.