meh, so I was looking through the .sma of amx_super and noticed the super cool fullupdate blocker, so I thought to myself: why not block the other exploitable user commands?

special is a must as it is used in most looping exploit scripts ( i can give plently of examples ). cl_rebuy and m_pitch do have uses other that looping so I am not sure about blocking these two.

Now i don't know anything about this scripting business but would adding something like this work if I decided to add these blocks on my server?
register_clcmd("special","fullupdate")
register_clcmd("_special","fullupdate")
register_clcmd("cl_rebuy","fullupdate")
register_clcmd("m_pitch","fullupdate")

The fullupdate block is actually to avoid respawn events to trigger in demo records, the fullupdate itself and something else i can't remember.If you completely block fullupdate you would break demos and possibly other things in the game.

actually u cannot block those commands simply by registering them.

this requires more advanced scripting of which you use prethink to realias them and register the clcmd that the alias is changed to.

then the client will exec that new aliased command in their console.

if you can do that, go for it.

I don't think bunnyhopping can be called 'exploit'.

Give me an example of exploit that can only be done by special/rebuy/m_pitch loops.

Valve blocked the use of alias commands in clients a while ago.

[-] August 8, 2005
Changes/Additions
Servers will default to starting up using VAC2
Added "sv_uploadmax" cvar to limit the max size (in MB) a client can use for a custom resource (i.e spray decals)
Don't allow servers to execute "alias" commands on clients (prevents an infinite loop exploit using alias commands from servers)

just because u dont know how to realias them doesnt mean i dont.

if you're curious, pm me.