generic image
Processing...
  • Games
  • Catalog
  • Develop
  • Robux
  • Search in Players
  • Search in Games
  • Search in Catalog
  • Search in Groups
  • Search in Library
  • Log In
  • Sign Up
  • Games
  • Catalog
  • Develop
  • Robux
   
ROBLOX Forum » Game Creation and Development » Scripters
Home Search
 

Re: Extent of Workspace.FilteringEnabled protection?

Previous Thread :: Next Thread 
MyHogs is not online. MyHogs
Joined: 13 Feb 2017
Total Posts: 22
12 Mar 2017 09:13 PM
Would a client still be able to modify variables within the "Players" service through exploitation if that is enabled?

I want to have a folder within that used to store a series of Bool values to represent whether or not certain items are owned, as well as to store information such as a timestamp when that item can be used again. If I turn on FilteringEnabled, will that prevent modification of those values, or will clients still be able to trick the game into giving them that item for free?
Report Abuse
DarknessSheath is not online. DarknessSheath
Joined: 07 Sep 2014
Total Posts: 255
12 Mar 2017 09:23 PM
Players is part of the server, so any changes to it wouldn't replicate unless it was from the server.

Short: No.
Report Abuse
Intended_Pun is not online. Intended_Pun
Joined: 10 Aug 2016
Total Posts: 4384
12 Mar 2017 09:24 PM
Don't store your data on the client.
Report Abuse
EvanHolt is not online. EvanHolt
Joined: 06 Sep 2008
Total Posts: 1264
12 Mar 2017 09:35 PM
Basically all that FilteringEnabled does is prevent things from replicating from the client to the server. This means that a hacker can still change any aspect of the game, but only they will notice the change. If you keep data in the server rather than the client, and always check that data from the server, a hacker's changes to that data won't matter.

If you want to store Bool values, I would suggest having the folder in the server and give it a name unique to each player. Something along the lines of "Bool_Values_For_Player_[player ID number]"

[ George Orwell taught me math! 2 + 2 = 5 ]
Report Abuse
MyHogs is not online. MyHogs
Joined: 13 Feb 2017
Total Posts: 22
12 Mar 2017 10:27 PM
So the "Players" is all local storage, correct? In that case... what I did is basically what @EvanHold suggested, and put a PlyrInfo folder with ServerStorage, and have vaules being modified/checked/etc in there now. That's a bit safer?
Report Abuse
Unsubtleties is not online. Unsubtleties
Joined: 28 Nov 2016
Total Posts: 9203
12 Mar 2017 10:30 PM
"Would a client still be able to modify variables within the "Players" service through exploitation if that is enabled?"

I don't know what you mean by that. The answer is yes, though.
However, the change that the client made will not replicate, and will only be seen from the client who made the change.


Report Abuse
Unsubtleties is not online. Unsubtleties
Joined: 28 Nov 2016
Total Posts: 9203
12 Mar 2017 10:31 PM
"So the "Players" is all local storage, correct?"

I have no idea what you mean by that either. The Players service is a container for all Players currently in the game. It can be accessed both locally and on the server.


Report Abuse
doggy00 is online. doggy00
Joined: 11 Jan 2011
Total Posts: 3571
12 Mar 2017 11:26 PM
Honestly, the best thing to do is just program your own security and screw FilteringEnabled. It isn't fool-proof and it can be bypassed, it just keeps most of the rookies and leechers out.
Report Abuse
Intended_Pun is not online. Intended_Pun
Joined: 10 Aug 2016
Total Posts: 4384
12 Mar 2017 11:28 PM
"Honestly, the best thing to do is just program your own security and screw FilteringEnabled. It isn't fool-proof and it can be bypassed, it just keeps most of the rookies and leechers out."

AKA:

"I don't know how to script with FE so I'll just say a bunch of fake stuff about it"
Report Abuse
Unsubtleties is not online. Unsubtleties
Joined: 28 Nov 2016
Total Posts: 9203
12 Mar 2017 11:29 PM
And the best thing to do if you take that route is to stop trying to prevent exploits altogether.


Report Abuse
doggy00 is online. doggy00
Joined: 11 Jan 2011
Total Posts: 3571
12 Mar 2017 11:34 PM
AKA I play a lot of ROBLOX games and I've witnessed people bypass FilteringEnabled on several games such as Fencing.
Report Abuse
Unsubtleties is not online. Unsubtleties
Joined: 28 Nov 2016
Total Posts: 9203
12 Mar 2017 11:35 PM
Clients can still successfully manipulate their character if you don't account for that too.


Report Abuse
Intended_Pun is not online. Intended_Pun
Joined: 10 Aug 2016
Total Posts: 4384
12 Mar 2017 11:39 PM
You can't "bypass" FE, you can only exploit it.
Report Abuse
doggy00 is online. doggy00
Joined: 11 Jan 2011
Total Posts: 3571
12 Mar 2017 11:44 PM
In that sense, you can exploit around it.

.-.
Report Abuse
Bobby_Darin is not online. Bobby_Darin
Joined: 05 Jan 2013
Total Posts: 5587
12 Mar 2017 11:47 PM
"Program your own security" No

"It can be bypassed" Well, of course it can be, but clearly you're just an idiot and by 'bypassing' you mean 'exploiting because this game's network model sucks or it turns out it isn't actually FE.'
Report Abuse
doggy00 is online. doggy00
Joined: 11 Jan 2011
Total Posts: 3571
12 Mar 2017 11:49 PM
Okay fine I used the wrong choice of words but can we not try starting a fight on the Scripters subforum???

Also I was kind of implying to not use ROBLOX as a developing platform because even when using FilteringEnabled there's still a whole lot you would need to patch on your own and anything can be exploited around.
Report Abuse
Unsubtleties is not online. Unsubtleties
Joined: 28 Nov 2016
Total Posts: 9203
12 Mar 2017 11:51 PM
"but can we not try starting a fight on the Scripters subforum"

There's a difference between what you probably are referring to as a "fight" and an "argument", unless you are just afraid of getting proven wrong. This subforum is for scripting discussion, arguments included.


Report Abuse
Unsubtleties is not online. Unsubtleties
Joined: 28 Nov 2016
Total Posts: 9203
12 Mar 2017 11:52 PM
Also, FilteringEnabled is very effective.


Report Abuse
OzzyFin is not online. OzzyFin
Joined: 07 Jun 2011
Total Posts: 3600
12 Mar 2017 11:53 PM
"the best thing to do is just program your own security and screw FilteringEnabled"

Filtering is not a securiy feature. It is the correct way of handling the client/server model and should've always been a thing.
Report Abuse
doggy00 is online. doggy00
Joined: 11 Jan 2011
Total Posts: 3571
12 Mar 2017 11:56 PM
It is very effective, but it can still be exploited around.
I see your point, but nonetheless, the original point I was making was to program your own security, and there's no arguing against the fact that FE alone is hardly anything when against someone who actually knows how the FE works and knows how to exploit around it.
Report Abuse
doggy00 is online. doggy00
Joined: 11 Jan 2011
Total Posts: 3571
12 Mar 2017 11:58 PM
And I don't believe calling someone an idiot should be excluded from 'fighting', but that's just my opinion.
Report Abuse
Unsubtleties is not online. Unsubtleties
Joined: 28 Nov 2016
Total Posts: 9203
12 Mar 2017 11:58 PM
"I see your point, but nonetheless, the original point I was making was to program your own security, and there's no arguing against the fact that FE alone is hardly anything when against someone who actually knows how the FE works and knows how to exploit around it."

I can't be the only one who thinks you don't know what you're talking about.


Report Abuse
Unsubtleties is not online. Unsubtleties
Joined: 28 Nov 2016
Total Posts: 9203
12 Mar 2017 11:59 PM
If you think the word "idiot" is offensive, then I wouldn't recommend ever disagreeing with someone here.


Report Abuse
doggy00 is online. doggy00
Joined: 11 Jan 2011
Total Posts: 3571
13 Mar 2017 12:00 AM
Point taken, today is the first time I've posted here in a while, didn't realize Scripters subforum would become as harsh as OT.
Report Abuse
doggy00 is online. doggy00
Joined: 11 Jan 2011
Total Posts: 3571
13 Mar 2017 12:06 AM
I would keep arguing back and forth but I'm going to surrender because I don't think your opinions will budge until you actually know how to exploit around FE or until you witness someone doing it.

The OP post was about storing boolean values in a folder to determine the ownership of certain items. He questioned if FE would help prevent the manipulation of those boolean values. The answer is yes and no. Yes if they use free exploits and no if they actually know how to code.
Report Abuse
Previous Thread :: Next Thread 
Page 1 of 1
 
 
ROBLOX Forum » Game Creation and Development » Scripters
   
 
   
  • About Us
  • Jobs
  • Blog
  • Parents
  • Help
  • Terms
  • Privacy

©2017 Roblox Corporation. Roblox, the Roblox logo, Robux, Bloxy, and Powering Imagination are among our registered and unregistered trademarks in the U.S. and other countries.



Progress
Starting Roblox...
Connecting to Players...
R R

Roblox is now loading. Get ready to play!

R R

You're moments away from getting into the game!

Click here for help

Check Remember my choice and click Launch Application in the dialog box above to join games faster in the future!

Gameplay sponsored by:
Loading 0% - Starting game...
Get more with Builders Club! Join Builders Club
Choose Your Avatar
I have an account
generic image