Just because anything client sided can be manipulated doesn’t mean you shouldn’t bother. Is it a big enough problem to warrant a game of cat and mouse? In most cases I would argue that the impact the game is negligible and only impacts that singular player’s experience. I think in cases like this it’s important to ask yourself how badly this is impacting your game.
They can easily spoof remote events and get around any counter measures you’re bothering to implement. Nothing you do is going to prevent them from simply bypassing it with a script. Not to be that guy who tells people about client-side detection methods being a lost cause ad nauseum but it’s very true here. You could come up with something to determine if the player might be idle and then present them with a “I’m still here” prompt placed randomly on their screen.ĭepending on your situation there’s plenty of ways to go about doing this. If the problem is that users are using an autoclicker to click once every few seconds, or anything within the realm of being possible by a human you’re pretty much out of luck there. If the issue is how rapidly the client is clicking then one way would be to record and report clicks per second, for example. There are a few ways you could go about this depending on the situation. Disclaimer: Client input is always going to be something that the client can exploit.