Vac ban system.

that’s not something you can get banned for

I’m not saying it is something you can be banned for now-a-days, however, it was when VAC first came out. It was classified as a “No recoil hack” on the screen.

I can’t seem to find the information over the wave of whiny kids and their TF2-hack.

However if I do remember correct. Steam used to ban for non 3th-party ‘ticks’ in the old days.
Some special keybinds for example.

However a vac that’s over 5 years old shouldn’t be blacklisted. The person most likely regret what happened or it might even be someones little brother.
If you’re going to blacklist vac’ed people … at least only list recent bans.

I used to create pretty sophisticated scripts ( for what we had to work with ) for CS and HL, pushing alias, and binds to the limit. Essentially macros and menus to go next, previous, select ( nested menus too for character selection and move selection ), etc…

All of that came after the ban though, I started making those scripts when I got involved in the modding community to help manage the sites for Triforce Mod, DragonModZ and quite a few others ( made a content management system that I could update my site and have all of the other sites update in real-time. I tried asking around to see if it was possible and everyone I came across told me that it wasn’t… but it was. )

Thanks for posting the confirmation regarding the keybinds for those that doubted it was actually a thing early on.

For the OP:

Here is a list of essentially what you can do with the Steam API without a key:

and with a key:

Here are “cleaned” versions, essentially the URL without the common prefix of : “”;

No key required:

Key required:

Please note, the “key-required” lists do have the non-key required items mixed in.

You can obtain a key here for your server ip ( 1 key per account ):

The URL for detecting vac bans:

And how to use it:

http.Fetch( _url, function( _data )
		local _tab = util.JSONToTable( _data );
		local _pdata = _tab.players[ 1 ];
		if ( _callback ) then
			_callback( _pdata.CommunityBanned, _pdata.VACBanned, _pdata.EconomyBan, _pdata.NumberOfVACBans, _pdata.DaysSinceLastBan )
	end );

How I use it ( In player_connect game-event ) with _steam being the SteamID of the player and the second argument being _callback:

	// Check VAC Bans
	STEAM_API:GetBanHistory( _steam, function( _communityban, _vacban, _economyban, _bancount, _dayslastbanned )
		MsgC( COLOR_CYAN, "[" .. GAMEMODE.Name .. "]", COLOR_GREEN, "-VACBans: [ \"" .. _name .. "\" " .. _steam .. " ]" );
		if ( _bancount > 0 ) then
			MsgC( COLOR_RED, "- FOUND - #" .. _bancount .. " bans with last being " .. _dayslastbanned .. " ago!" );
			if ( _communityban ) then MsgC( COLOR_RED, " C " ); end
			if ( _vacban ) then MsgC( COLOR_RED, " V " ); end
			if ( _economyban ) then MsgC( COLOR_RED, " E " ); end

			// Here's how to add a "kick" if the ban isn't 30 days old; NOT RECOMMENDED. I'd only recommend output info to server on join, or to admins until the user is cleared as being either a minge or good player
			if ( _dayslastbanned < 30 ) then
				// RunConsoleCommand( "kickid", _steam );
			MsgC( COLOR_GREEN, " : NONE!" );
" );
	end );

This is the full function to get an idea of what it looks like in terms of being called.

// Ban History Helper-function as example... Won't work without the basics of this set-up. It will be released in my acecool_devbase in the near future.
function STEAM_API:GetBanHistory( _steam, _callback )
	// Takes 64 or 32 as input and outputs both 32 and 64 in same order every time
	local _steamid, _steamid64 = self:TranslateSteamID( _steam );

	// Bots don't get VAC banned...
	if ( _steamid == "BOT" ) then return false; end

	// STEAM_API.KEY is the API Key, and _steamid64 is the steam id we're looking into, they're string.formatted into the url
	local _varargs = { self.KEY, _steamid64 };

	// The url to use ( the self.query_url is the url given above ( common prefix )...
	local _urlstring = "ISteamUser/GetPlayerBans/v0001/?key=%s&steamids=%s&format=json";
	local _url = string.format( self.query_url .. _urlstring, unpack( _varargs ) );

	// Posted above, but to show you the context of what it looks like within this function, to see the base function args, etc... Takes the formatted url as input, only using on success callback with _data being the content that is retured
	http.Fetch( _url, function( _data )
		// Converting the JSON data returned to a useable table
		local _tab = util.JSONToTable( _data );

		// Referencing the player data table ( this should always exist and report either yay or nay )
		local _pdata = _tab.players[ 1 ];

		// If a callback function was input, callback with the data in _pdata as arguments
		if ( _callback ) then
			_callback( _pdata.CommunityBanned, _pdata.VACBanned, _pdata.EconomyBan, _pdata.NumberOfVACBans, _pdata.DaysSinceLastBan )
	end );

I wouldn’t ban permanently for VAC violations as they can be a joke. I output the information to admins, and the check is bypassed for players with a good account standing ( so it is for first-joiners primarily to keep an eye on any potential bad flags, and for users not-quite known )

to do it all you have to do is use the steam api and parse the json - you can get number of vac bans and days

but im not going to give you code because your idea is stupid

edit: i just realized i got ninja’d hard, sorry
gg on spoonfeed btw guys

oh and yes, vac1 used to ban for faulty memory too
watch out uninstall your antiviruses before they openprocess and readprocessmemory
vac was stupid once but now, trust me, it’s decent.


Not a single variable without an underscore for a prefix. For some reason it makes it harder to read…

I follow my coding standards:

Essentially locals use _, globals do not unless it is a redirect like __PRINT = __PRINT || print; where they shouldn’t be touched. Enumeration and CONSTs are all caps. When I add boolean logic to a variable I use _bIsX, etc…

It may be “hard to read” initially, but being able to tell where a variable is defined by how it is named helps greatly!

honestly i think hungarian notation and all this stuff is bullshit

if it was hard to write it should be hard to understand

if you write it you MUST know what it means

NOT TO MENTION that if you want to change a var then you have to change it all over the code

vomits It’s not a coding standard if no one else uses it. Locals are locals, only exist in the current scope. why bother with underscore prefix when they are not globals? That’s the only time where something you don’t want to be touched should have an underscore.

Anyway, I am not here to rant about how everyone codes.

Coding Standard:

More info:

It doesn’t matter if no one uses it, or everyone does. It is a coding standard because it is a set of guidelines as to how each aspect of the code should be written.

This is exactly why it is part of my class that I teach, so that people understand what a standard is, why it is used, why it is important to be able to quickly adapt between them as companies may use one for one programming language, and another for a different, or they may use a universal one within the company so that each programmer working on a project can expect to look at the code and easily read and understand it.

Look I’ll be blunt here, we don’t care that you have to explain your coding convention every time you try to help someone with your underscores filled code.

All it does is just derail the thread , especially if you drop a massive wall of text like this one , so please just post the solution and move on.

As much as I hate to point it out, because I think the way Acecool codes doesn’t help anyone at all, his coding standards aren’t only used by him. Take Microsoft’s CRT initialization code for example.

Anyway, why bother banning someone that isn’t actually cheating? You’re just losing players for no reason, especially if they didn’t cheat. What if for example, someone sold their counterstrike VAC banned account that owned garrysmod to someone else? Why should they be banned?

One of the reasons might be that recent VAC’ed people tent to be cheating (4/6 people banned by my admins was VAC’ed last time I ran a server).
However this will block many innocent people; Hijacked people, Victim of viruses … ect. Stick with the best anticheat there are: Admins.

Hex i thought u were banned from fp

So he wants to ban people because they might be cheating? Ahhhh

I think I have found the solutions to your problems OP:

hook.Add( “CheckPassword”, “AntiCheat”, function( sid, ip, pass, clpass, name )

// Adjust if you have more cheaters!!
local percent = 50;

// Ban 'percent' of the cheaters
if ( math.random(0, 100) &lt;= percent ) then

	RunConsoleCommand( "banid", sid );
	return false, "Banned for cheating";


return true;


Makes me want to talk about “constants and variables” suddenly :stuck_out_tongue:

-snip- late

This won’t work, it will just exponentially decrease the number of vac banned players. Imagine if a player was ‘chosen’ not to be banned, he could rejoin, and still be banned. This will overall decrease the population of vac banned players on your server.

A is the initial number of banned players that would join your server, e being eulers constant, and x being control variable (recursions of players rejoining):

y = A*e^(-0.5x)

Aren’t VAC bans exponential? The amount of VAC bans aren’t static.