Documentation
Everything you need to integrate Vanguard into your game.
Security & Obfuscation
Protect your code, monitor threats, and configure security rules.
Lua Obfuscation
Vanguard includes two obfuscation engines. The Vanguard engine (default) uses a custom VM with per-build unique output. The Prometheus engine uses AST-level transforms with preset-based configuration.
How to use
1. Open your serverside in the dashboard
2. Navigate to Obfuscator in the sidebar
3. Select your engine (Vanguard or Prometheus) at the top
4. Choose intensity/preset and configure options via the gear icon
5. Paste your code, click Obfuscate, copy the result
Vanguard Engine
VM-based obfuscation with multiple intensity levels and configurable options.
Intensity Levels
lightBasic transforms, minimal performance impactmediumString protection, polymorphic output, integrity checksheavyFull protection suite including tamper detection (recommended)maxAll features enabled, control flow obfuscationextremeMaximum protection with dual instruction set and continuation VMOptions
VM Layers1-3 nested VM layers. Each layer wraps the previous output in a new VM. More layers = harder to reverse, slower execution.Targetroblox (default, server-side with anti-tamper), roblox-executor (client-side with loadstring), luau (portable vanilla Luau)Anti-BeautifierDefenses against code formatters and beautifiers. Enabled by default at medium+ intensity.Continuation VMLoopless dispatch model. Available at heavy+ or via explicit flag. ~30-45% slower but significantly harder to analyze.Block StudioPrevents execution in Roblox Studio.WatermarkEmbed a text watermark bound to the build. Tampering with the watermark corrupts execution.No Anti-TamperDisable tamper detection checks (not recommended).No Env ChecksDisable environment integrity verification.Prometheus Engine
AST-level obfuscation with four preset levels. Good for scripts where VM overhead is unacceptable.
Presets
StrongMaximum AST-level protection with string encryptionMediumBalanced obfuscation with good performanceWeakLight variable renaming and basic transformsMinifyWhitespace and comment removal onlyAPI Usage
/api/v1/obfuscateObfuscate Lua code. Requires authentication.
{
"code": "print(\"Hello World\")",
"engine": "vanguard",
"intensity": "heavy",
"target": "roblox",
"vmLayers": 1,
"antiBeautify": true
}{
"code": "print(\"Hello World\")",
"engine": "prometheus",
"preset": "Medium"
}Security Rules
Create custom rules that automatically allow or block incoming requests based on IP, location, player count, and custom variables. Available on PRO and MAX plans (up to 25 rules per serverside).
How to use
1. Open your serverside in the dashboard
2. Navigate to Security Rules in the sidebar
3. Click Add Rule
4. Select a variable (e.g. VPN Detected, Country Code, Server Players)
5. Set the condition and action (Allow or Deny)
Available Variables
Security Dashboard
Monitor all incoming requests in real-time with geographic visualization, threat detection, and blocked request logs.
Features
• Request map — Global map showing request origins by country
• All Requests tab — View successful requests with IP, location, ISP, threat level, and timing
• Blocked Requests tab — View fake/blocked requests with IP, endpoint, request body, and block reason
• Filters — Search by IP/country/org, filter by IPv4/IPv6, date range (7d/30d/90d), threats only
• Threat detection — Automatic VPN, proxy, Tor, and datacenter detection on every request
Analytics API
/api/v1/serverside/security/analyticsGet security analytics including requests, blocked attempts, and threat data.
serversideId — Serverside ID (required)
days — Time range in days: 7, 30, 90 (default: 7)
page — Page number (default: 1)
limit — Results per page, max 200 (default: 50)
countryCode — Filter by country (e.g. "US")
ipVersion — Filter by IP version: "4" or "6"