Remote Events are spammable?
A friend of mine who has an exploit, showed me how he could spam remote events in my game to level up.
Is there any kind of check that I could do to make it so that they can't be spammed?
0
1 answer
Yes, all RemoteEvents and RemoteFunctions can be fired by exploiters at any time with any arguments. This is ultimately unpreventable.
The first rule of multiplayer game networking is that you ****never trust the client.****
Here's an example of bad security. You use an AddXP RemoteEvent that adds to a player's XP, and should only do this once they've chopped down a tree. The exploiter fires this over and over again. You shouldn't have these types of events in your game.
Instead, the exploiter should fire events that request to chop down trees, and you add the XP server-side.
The server is the boss, it makes all the rules. ****Clients never should be able to tell the server what to do, only request it to do something.
As for whoever suggested using an anti-exploit, they are completely misguided, so don't do that.
You haven't provided enough information for me to address your particular issue, but I hope you're able to apply this knowledge.
0