A friend and I have been working on a FPS for some time now. We started this to learn multiplayer with blueprints and we’ve come pretty far and learned a lot.
A general rule of thumb is that that everything “gameplay important” should be run through the server. Lowering a player’s HP when being shot, for example, should not be something the client can do. This is so that the clients can’t manipulate the game and cheat, which sounds reasonable.
What I don’t know is HOW the clients would be able to cheat. And is there any way to test how “cheat-safe” our game is?
Also, how would you define “gameplay important”? For example, a top-down game. The player can zoom the camera in and out to a certain limit. This is something that is only relevant to the player him/herself. I would define this as not gameplay important and let the client do this without the server.
But would the client be able to cheat by doing that? Could the client manipulate the camera somehow and be able to zoom out further than intended to reveal the whole map for example?
From what i’ve read, players can modify their client in any way they want and there isn’t much that can be done about it. Wall hacking is prevalent in shooters because it’s easy to modify the client to be able to see through walls. Supposedly, someone could connect to your multiplayer game without a client!
If you can head shot someone in one click, then seeing through a wall is a big advantage and cheaters are more likely to build and use cheats at risk of getting caught.
But if you’re building a game where gun battles have to last at least a few seconds and no one dies instantly, then suddenly knowing that someone is about to come around a wall isn’t that big of an advantage and people are less likely to cheat. Less likely.
So while you can keep things like HP and AMMO accurate on the server, players can still mess with anything that they have access to on their client. Being able to zoom out and see the whole map could give a cheater an advantage if it’s “gameplay important”. Maybe seeing other things on the map isn’t important, in which cheaters wouldn’t bother. Or maybe it is important, and you could write some code to try and keep that information from being sent out to clients unless they are within range or outside of the fog of war.