Client checking

The first part of security comes from the client. Clients will be doing the hacking, whether it is hacking your packets or RAM or even in some cases, files. There are programs out there, like nProtect, that help prevent against client-side hacking, but the keyword here is help. Theres no such thing as completely preventing client-side hacking, but there is making it very difficult for users.

First off, it is often safe to assume your client is going to be used - no one is going to spend the time required to decrypt the way your client works, and build a replica of it just so they can easily modify the memory and packets. The first step is to do client-side calculations before server-side. For example, with movement - if the character moves, and the client says it hits a blocked tile, don't send the packet to the server, since this is just a waste of the server's time. This won't help against much, though.

Next thing you want to protect yourself against is speed hacks - theres many methods out there for protecting against this, so you may want to search it for it for your language.

The important thing to keep in mind is theres really no hacking prevention you can do on the client. Everything your client can send, the user can send without your client. As long as you never use the client to calculate information without the server double-checking it, you're fine.