I started creating online open source game as a project in school. It will be server with n connected clients. But now I have a problem with "security". What to do if one client would used modified source code for changing some restrictions? How can I prevent it? My first idea was make client only for connection to server and server would send all necessary files but I don't like this idea very much. Can you advise me something better? Thank you.
You need to keep your validations in the server. The server should check each client move, and if it's not allowed according to the server's rules - reject it.
You should still keep validations in the client, too, so that users who don't mess with the client code can get speedier responses.