|
| 22 Oct 2015 12:05 AM |
| In 2012 and 2013, many games were hacked and had leaderboards and Workspace deleted or changed. Recently, I've never seen that happen anymore. Is this because developers turn on FilteringEnabled or is it simply Roblox increased their security. If so, is it necessary to turn it on to prevent hackers? |
|
|
| Report Abuse |
|
|
Bruhger
|
  |
| Joined: 17 Jun 2015 |
| Total Posts: 30 |
|
|
| 22 Oct 2015 12:15 AM |
FilteringEnabled is the absolute most dependable way to prevent exploitation. It is, however, important to do the following: Do not put sensitive data on the client or in values on the client, Do not use Value Objects on the client, Do not try to edit the server from the client, For any communication between the client and server, use RemoteEvents and RemoteFunctions, Module scripts are bae.
Honestly, any game which was created too lazily to use FE likely isn't worth stealing in the first place. No it isn't forced, but it seriously is a huge stride in security improvements. It can be a pain to work with at first, admittedly, but after a while I find it fun to set up. You may too. |
|
|
| Report Abuse |
|
|
chimmihc
|
  |
| Joined: 01 Sep 2014 |
| Total Posts: 17143 |
|
|
| 22 Oct 2015 12:26 AM |
If you are gonna use FE than you need to actually use it properly.
There is nothing more annoying than someone coming here complaining that their game is still getting exploited with FE because they have it setup in such a way that FE might as well be disabled. |
|
|
| Report Abuse |
|
|
Bruhger
|
  |
| Joined: 17 Jun 2015 |
| Total Posts: 30 |
|
|
| 22 Oct 2015 12:29 AM |
^ Hence my note on using Value Objects
you have no idea how many people think it's okay to use them to represent the amount of money, or experience, or whatever else on the client. |
|
|
| Report Abuse |
|
|
|
| 22 Oct 2015 12:31 AM |
| Its fine to use them but just don't read off of them to set a new value :\ |
|
|
| Report Abuse |
|
|
Bruhger
|
  |
| Joined: 17 Jun 2015 |
| Total Posts: 30 |
|
|
| 22 Oct 2015 12:33 AM |
| That's what I mean. People will have a NumberValue and use it to represent health, and editing it effects the actual health. I suppose it's less common now, but when FE first came out and nobody knew what they were doing... |
|
|
| Report Abuse |
|
|
|
| 22 Oct 2015 05:37 AM |
| dont let the client->server events have access to loadstring, and don't send a function over through an event. |
|
|
| Report Abuse |
|
|
|
| 22 Oct 2015 06:54 AM |
| Well there were a LOT of security problems in August / September. Still a few right now. ROBLOX has improved their security a lot since the bad old days (2011 - 2012) but FE is still very important. |
|
|
| Report Abuse |
|
|
|
| 22 Oct 2015 09:37 AM |
| Filtering makes it so that local scripts can't modify the workspace. Script kiddies who got cheat engine could inject local scripts into their game so that they could ruin everyone else's time. With filtering enabled, their scripts can't do anything, provided you also made your game properly. |
|
|
| Report Abuse |
|
|
|
| 22 Oct 2015 06:10 PM |
| So basically FilteringEnabled is a "should". But I've read the wiki articles on it and it seems like a pain in the ***. It also causes lag apparently. |
|
|
| Report Abuse |
|
|
Vezious
|
  |
| Joined: 09 Nov 2013 |
| Total Posts: 606 |
|
|
| 22 Oct 2015 06:24 PM |
| My game uses Filtering Enabled, And My Game Is Flooded with remote functions and events. Though people are saying do not keep values on client. You can keep values on client. But Only for viewing purposes. If you are making a game shop, you want to keep the amount of money in the server, I use server storage. And Another good thing is storing Server scripts in SeverScriptService. What can hackers do with Filtering Enabled On? Well, They CAN access workspace, but have you even bee n on mad games? Lollers used local Bricks to create a wall for VIP Room. Exploiters CAN delete stuff. But the stuff they delete will only effect them, so, only the bricks on his computer will be deleted, not on all the other computers. |
|
|
| Report Abuse |
|
|
|
| 22 Oct 2015 06:27 PM |
LOLERIS DOES NOT USE FE!!!!!!!111!
Crazy don't listen to these noobies you don't have to use FE just get an anti-exploit :) |
|
|
| Report Abuse |
|
|
TimeTicks
|
  |
| Joined: 27 Apr 2011 |
| Total Posts: 27115 |
|
|
| 22 Oct 2015 06:29 PM |
| @OP Use FE. If you don't understand how to use it, then have fun letting your games be exploited. For anyone that says FE causes lag, they are idiots. |
|
|
| Report Abuse |
|
|
TimeTicks
|
  |
| Joined: 27 Apr 2011 |
| Total Posts: 27115 |
|
|
| 22 Oct 2015 06:29 PM |
| Unless they have the server fired 10000 times a second, then they are serious idiots |
|
|
| Report Abuse |
|
|
Vezious
|
  |
| Joined: 09 Nov 2013 |
| Total Posts: 606 |
|
|
| 22 Oct 2015 06:49 PM |
| I never said Loleris used FE. idiot. I said he used Local Bricks. There are other ways to use local bricks. |
|
|
| Report Abuse |
|
|
|
| 23 Oct 2015 12:08 AM |
| Okay, so if I don't store values like Points, Cash, etc in the Player, then where do I store them? |
|
|
| Report Abuse |
|
|
|
| 23 Oct 2015 12:08 AM |
| serverstorage, lighting, datastores |
|
|
| Report Abuse |
|
|
|
| 23 Oct 2015 03:06 AM |
"But the stuff they delete will only effect them" XD |
|
|
| Report Abuse |
|
|
FlyNormal
|
  |
| Joined: 30 Sep 2015 |
| Total Posts: 344 |
|
|
| 23 Oct 2015 04:07 AM |
| I believe most games don't use FE as it requires a lot more work and effort. Pretty much more headache. I believe ROBLOX enhanced their security system more likely. |
|
|
| Report Abuse |
|
|
Vezious
|
  |
| Joined: 09 Nov 2013 |
| Total Posts: 606 |
|
|
| 23 Oct 2015 05:39 AM |
| And I believe most games Don't use FE because they don't know about it. I think most people that don't use FE that know about it are just too lazy to do a little more. |
|
|
| Report Abuse |
|
|
vlekje513
|
  |
| Joined: 28 Dec 2010 |
| Total Posts: 9057 |
|
|
| 23 Oct 2015 05:51 AM |
What if they change their humanoid/character locally? It allows them to noclip/fly and all that since the character is handled locally. |
|
|
| Report Abuse |
|
|
|
| 23 Oct 2015 09:50 PM |
| Okay I'm so confused. Did Roblox increase their security or not? And do I need to enable FE or not? |
|
|
| Report Abuse |
|
|
|
| 23 Oct 2015 09:59 PM |
| Whether or not you enable FE is really much whether you prefer a bit more security or speed more. Ignore them, if your game already lags FE will make it 10-20% worse as all packets have to be checked for bad replication. |
|
|
| Report Abuse |
|
|
|
| 24 Oct 2015 12:02 PM |
| Okay. Also is Workspace a safe place to store things? What parts of the game is accessible by hackers? |
|
|
| Report Abuse |
|
|
Dogejia
|
  |
| Joined: 08 Feb 2012 |
| Total Posts: 1873 |
|
|
| 24 Oct 2015 12:05 PM |
Hackers can't change the game with localscripts, if they can they can only see it.
Online Dogeing since 1337 |
|
|
| Report Abuse |
|
|