Commands

Commands list

• Version
• Scanner
• Scan and delete malware
• Refresh config
• Help
• Clear everything
• Clear vehicles
• Clear peds
• Clear objects
• Bans
• Unban
• Unban all
• Install anti lua inject
• Uninstall anti lua inject

Commands usage

Help

Command rachelp in server console will show you all the available commands:

racversion - The anticheat version that you are running on your server
racscan - Scan your server for backdoors
racdeletemalware - Scan your server for malware and neutralize all infected resources
racrefreshconfig - Refresh your config file after updating fields from config file
racclearall - Clear vehicles, peds, objects
racclearvehicles - Clear vehicles
racclearpeds - Clear peds
racclearobjects - Clear objects
racbans - Bans list
racunban <id> - Unban player from anticheat
racunbanall - Unban all players from anticheat

Version

Command racversion in server console will show the anticheat version that you are running on your server.

Scanner

Command racscan in server console will print backdoors such as hidden / obfuscated commands or cipher or malware content from your server files which were found in your server resources that can have a risk or even high risk to your server. If a backdoor has been found, you can contact support to give you more information about the found backdoor by inspecting found code.

Delete malware

Command racdeletemalware in server console will neutralize malware content from your server files which were found in your server resources that can have a very high risk to your server. If a backdoor has been found, you can contact support to give you more information about the found backdoor by inspecting found code.

Use this command only if needed (only if the anticheat resource has found a suspicious resource inside your artifacts or cipher raid your server), otherwise the command racscan and remove all backdoors found is enough

In order to make the command fully work, you need to add in your server.cfg the following permission: add_ace resource.rac command allow

Command racdeletemalware will delete webpack, yarn, screenshot-basic, oxmysql resources (maybe others) and you have to reinstall them from official sources

webpack: https://github.com/citizenfx/cfx-server-data/tree/master/resources/[system]/[builders]

yarn: https://github.com/citizenfx/cfx-server-data/tree/master/resources/[system]/[builders]

screenshot-basic: https://github.com/citizenfx/screenshot-basic

oxmysql: https://github.com/overextended/oxmysql

It is recommended to reinstall the ox_lib and pma-voice resources

ox_lib: https://github.com/overextended/ox_lib/releases/latest/download/ox_lib.zip

pma-voice: https://github.com/AvarianKnight/pma-voice

Make sure the anticheat resource has not been infected by checking if there is any new folder or file that should not be there

Steps to clean your server
1. Backup your server
2. Use command racscan (while server is running)
3. Use command racdeletemalware (while server is running)
4. Note all your resources that have been cleaned in order to check them later if any file is missing
5. Use command racscan to check the remaining backdoors inside your server
6. Remove the remaining backdoors inside your server
7. Reinstall webpack, yarn, screenshot-basic, oxmysql
8. Reinstall ox_lib, pma-voice (only if needed, but recommended)
9. Make sure the anticheat resource has not been infected by checking if there is any new folder or file that should not be there
10. Stop your server console / FXServer
11. Start your server console / FXServer
12. Use command racscan -> make sure there are no backdoors left
13. Restart your server (1)
14. Use command racscan -> make sure there are no backdoors left
15. Restart your server (2)
16. Use command racscan -> make sure there are no backdoors left

If there are no backdoors left after two restarts, your server is safe. From now, whenever you add a resource, either from backup, either shared resources, analyse them manually by checking if they contain any harmful content

In windows, some malware files are hidden, so in order to see them you have to enable the hidden files

Refresh config

Command racrefreshconfig in server console will refresh your config file after updating fields from config file without restarting/ensuring the anticheat resource.

We recommend to use racrefreshconfig in the console to apply changes to your config file instead of restarting/ensuring the anticheat resource. Avoid restarting the resource while players are online, as the live map feature causes long load times and cache saving delays due to large amount of files.

Clear Everything

Command racclearall in server console will delete every unused vehicles, peds and objects on the server. You can change this command from config file (Config.ClearAllCommand).

Clear vehicles

Command racclearvehicles in server console will delete every unused vehicles on the server. You can change this command from config file (Config.ClearVehiclesCommand).

Clear ped

Command racclearpeds in server console will delete every ped on the server. You can change this command from config file (Config.ClearPedsCommand).

Clear objects

Command racclearobjects in server console will delete every object / prop on the server. You can change this command from config file (Config.ClearObjectsCommand).

Ban list

Command racbans in server console will print on console all bans from bans.json file. The result will show the Id, Player name, Reason and Date. You can change this command from config file (Config.BanListCommand)

Unban player from server console

Command racunban <id> in server console will remove (unban) the player with the entered id from the anticheat ban list. Before enter the Id to unban the player, you have to use the Ban list command (Config.BanListCommand) in order to get the Id you want to remove (unban) or check the bans.json file and get the "id". You can change the unban player command from config file (Config.UnbanCommand).

The Id you enter is not the player id from your server, the Id is the number of ban got in the ban list. You have get the Id by typing Ban list command (Config.BanListCommand) in server console and it will provide as first element for each ban or get it from bans.json file, the field "id"

As an example for the above ban list, if we want to remove the player with Id 3, we have to type racunban 3

By unbanning a player from server console with Config.UnbanCommand, the file bans.json will also get updated.

Unban all players from server console

Command racunbanall will remove (unban) all players from the anticheat ban list. You can change this command from config file (Config.UnbanAllCommand)

By unbanning all players from server console with Config.UnbanAllCommand, the file bans.json will also get updated.

Install anti lua inject feature automatically

Config.AntiLuaInject feature can be installed automatically using command racinstallantiluainject [resourcename | all], but make sure you create a backup of your server before using this command as the fxmanifest of your resource(s) will be modified. The command racinstallantiluainject will add the following lines in the fxmanifest of the resource(s) you want to monitor if the cheater executes code from that resource(s):

lua54 "yes"
client_script "@rac/source/client/inject.lua"
shared_scripts {"@ox_lib/init.lua"}
dependencies {"ox_lib"}

Uninstall anti lua inject feature automatically

Config.AntiLuaInject feature can be uninstalled automatically using command racuninstallantiluainject [resourcename | all], which will revert the process of command racinstallantiinject, so it will remove the lines added above in your fxmanifest from your resource(s)

Event Protection

Make sure that you started the anticheat resource as first resource in server.cfg, above your resource list

This feature will not allow cheaters to call trigger events from executors only for the secured events. When a secured trigger is called for a player from scripts normally, there will not be any problem, but if the player tries to call the trigger from executor he will be detected and get him banned

The event protection works on tokenizer principle, which means each protected event generates a token when a trigger server event is called from the server, and if the token does not match, the player will get banned

In order to install the event protection for your script, you have to add it manually. To add event protection for specific events, you have to add the event you want to protect in config on SecuredServerEvents or SecuredClientEvents and add in fxmanifest of the resource you want to protect (from where the trigger belongs to) the following lines:

lua54 "yes"
client_script "@rac/source/client/trigger.lua"
server_script "@rac/source/server/trigger.lua"
shared_scripts {"@ox_lib/init.lua"}
dependencies {"ox_lib"}

Showcase available on Anti trigger event protection category

Dump protection

Make sure that you started the anticheat resource as first resource in server.cfg, above your resource list.

This feature will not allow cheaters to dump the client and NUI files only for secured resources. When a cheater will dump the resource, the client and NUI files will not be received.

Make sure to create a backup of your resource before you secure your resource from dump.

In order to make the dump protection working, it requires manually implementation by following the next steps:
1. Turn off your server
2. Add the following lines in the fxmanifest of the resource you want to secure

lua54 "yes"
server_script "@rac/source/server/dump.lua"
client_script "@rac/source/client/dump.lua"
files {'html/index.html'}
ui_page 'html/index.html'

3. Create a backup folder inside the resource you want to secure

4. Move the client and NUI files from the resource you want to secure inside the backup folder
5. Add the index.json file from assets archive (.rar) from the anticheat resource (rac > assets.rar > backup) in the backup folder of the resource you want to secure
6. Add the index.html file from assets archive (.rar) from the anticheat resource (rac > assets.rar > html) in the html folder of the resource you want to secure

The index.json file inside the backup folder of the resource that you want to secure contains the name of client and NUI files (example shown above: client file c_testresource.lua and NUI files index.html, style.css, script.js). In case there are more client or NUI files, the list can continue with the name of all files, but the list has to respect the json syntax

[
  "c_testresource.lua",
  "index.html",
  "style.css",
  "script.js"
]

Do not change the name of folder backup. Keep it named backup. In case you rename it, the resource will not work.

Even though the fxmanifest of your resource does not contain the client and NUI files from backup folder you do not have to add them. This is how this feature works, so do not change anything in fxmanifest beside adding the shared lines from above on point (2).

Showcase available on Anti dumper category

PreviousDependencies NextMenu

Last updated 2 days ago

hashtagCommands list

hashtagCommands usage

hashtagHelp

hashtagVersion

hashtagScanner

hashtagDelete malware

hashtagRefresh config

hashtagClear Everything

hashtagClear vehicles

hashtagClear ped

hashtagClear objects

hashtagBan list

hashtagUnban player from server console

hashtagUnban all players from server console

hashtagInstall anti lua inject feature automatically

hashtagUninstall anti lua inject feature automatically

hashtagEvent Protection

hashtagDump protection

Commands list

Commands usage

Help

Version

Scanner

Delete malware

Refresh config

Clear Everything

Clear vehicles

Clear ped

Clear objects

Ban list

Unban player from server console

Unban all players from server console

Install anti lua inject feature automatically

Uninstall anti lua inject feature automatically

Event Protection

Dump protection