Introduction
Sentinel AC is a hybrid anticheat for FiveM combining client-side kernel-level detection, server-side validation, and a live admin dashboard. This guide walks you from a clean server through a fully tuned production deployment.
Requirements
- FXServer build 6683 or newer (artifact 6683+).
- OneSync enabled (Legacy or Infinity).
- Outbound HTTPS access from the server to
sentinelac.co.uk. - A valid Sentinel license key (issued after purchase or trial signup).
- txAdmin (optional, but required for the admin-bypass tag).
Installation
- Download the latest release from the dashboard → Builds.
- Extract the archive into your server's
resources/directory. The folder must be namedsentinel_ac. - Add the resource to
server.cfg— load it before your framework and gamemode:
# server.cfg
ensure sentinel_ac
ensure es_extended # or qb-core / qbox
ensure my-gamemodeRestart the server. You should see:
[sentinel] online · build 2.4.1 · license OK · 12 modules loadedLicense key
Set your key as a server convar so it's never committed to source control. You can find your key under Settings → License in the dashboard.
set sentinel_license "sk_live_xxxxxxxxxxxxxxxxxxxx"Keys are bound to your FXServer license, but movable between machines at any time from the dashboard.
Configuration
All configuration lives in config.lua. Defaults are production-ready — only override what you need.
Config = {}
Config.AutoBan = true -- auto-ban on score >= threshold
Config.BanThreshold = 100 -- detection score that triggers a ban
Config.KickThreshold = 60 -- score that triggers a kick
Config.ScreenshotURL = "https://your-discord-webhook"
Config.EvidenceClip = true -- record last 30s on flag
Config.HeartbeatRate = 5 -- seconds between client heartbeatsDetection modules
Sentinel ships with 12 detection modules. Toggle individually in config:
| Module | Type | What it catches |
|---|---|---|
ac_memory | Client | Signature scan for known cheat binaries |
ac_injection | Client | DLL & module injection into FiveM.exe |
ac_lua | Client | Unauthorized Lua executors & runtime patches |
ac_movement | Server | Speed hacks, teleport, no-clip, freecam |
ac_weapon | Server | Triggerbot, illegal damage, weapon spawning |
ac_economy | Server | Money dupes, inventory exploits |
ac_events | Server | Malicious net-event triggers |
ac_assets | Server | Asset/resource integrity & dumper signatures |
ac_antidump | Server | Resource dumping & evidence stripping |
ac_connection | Server | Identifier spoofing & ban evasion |
ac_admins | Server | txAdmin admin role detection |
ac_heartbeat | Both | Client liveness & tamper detection |
Custom rules
The rule builder lets you write JSON rules for project-specific exploits without touching Lua. Rules live under Rules in the dashboard.
{
"name": "Block illegal vehicle spawn",
"event": "esx:spawnVehicle",
"when": { "model": { "$in": ["LAZER", "HYDRA", "RHINO"] } },
"action": "kick",
"reason": "Restricted vehicle"
}Discord webhooks
Get notified for every detection, ban, or appeal:
Config.Webhooks = {
detections = "https://discord.com/api/webhooks/...",
bans = "https://discord.com/api/webhooks/...",
appeals = "https://discord.com/api/webhooks/...",
}Each payload includes the player, detection score, module, evidence link, and a one-click action button to ban or whitelist directly from Discord.
Admin bypass (txAdmin)
When ac_admins is enabled, players holding an active txAdmin role are tagged with an ADMIN badge in the dashboard and exempt from auto-kick / auto-ban. Detections are still logged for audit purposes.
Config.AdminBypass = {
enabled = true,
roles = { "superadmin", "admin", "moderator" },
}Admin dashboard
The dashboard is your day-to-day control center:
- Overview — live detection feed and active player count.
- Players — searchable roster with full session history.
- Detections — every flag with evidence playback.
- Bans / Appeals — moderation queue with audit trail.
- Rules — visual builder for custom detections.
- Status — 90-day uptime and incident history.
Troubleshooting
Resource fails to start
Check the console for a license error. Confirm sentinel_license is set and the server can reach sentinelac.co.uk over HTTPS.
Players being kicked after a recent update
Lower Config.KickThreshold temporarily and check the dashboard for the triggering module. If a module is misfiring, disable it in config and report the false positive via the dashboard.
Dashboard shows "Anticheat offline"
Heartbeats are missing. Verify the resource is running and that outbound HTTPS isn't blocked by your host's firewall.
Support
Stuck? We're around — open a ticket from the contact page or check the status page if something looks off. Enterprise customers have a direct on-call channel — check your welcome email for details.