1ForeverHD
commented
4 years ago This is like chucking water on an oil fire; it merely spreads the problem, makes your situation more complicated and the house still burns down.
Attempting to restrict services (such as destroying them, obfuscation, etc) to external users will only make our development more challenging and time consuming, while making feature configuration (such as commands) long-winded for developers. There will always be ways for exploiters to reference the codebase, and if they struggle with this, they can simply upload and require their own copy with all the necessary admin permissions.
Even without admin commands, users with server-side access can still perform a lot of damage: calling shutdown, kicking other players, and even loading in their own admin commands. I recommend exploring the developer forum for discussions on finding and removing backdoors within your game.
I would like to request the ability to disable the API in HD Admin. Having the API enabled could be potentially dangerous if an unauthorised person has access to the server-side through a backdoor or other methods and they can then rank themselves to admin without the creator's knowledge.