How to secure firebase code,I mean can anybody edit its code through google chrome console like view items or other things or there is any thing to prevent it?I am fairly new and only now the basics.
Asked
Active
Viewed 24 times
0
-
Typically you'll want to authenticate your users, and then ensure they only have access to authorized resources (e.g. with security rules for the [realtime database](https://firebase.google.com/docs/database/security/) or [cloud firestore](https://firebase.google.com/docs/firestore/security/overview)). See https://stackoverflow.com/questions/18890330/how-to-make-sure-only-my-own-website-clientside-code-can-talk-to-firebase-back – Frank van Puffelen Aug 08 '18 at 17:08
-
Found another good link explaining this at a high level: https://stackoverflow.com/questions/18005984/how-do-i-prevent-un-authorized-access-to-my-firebase-database – Frank van Puffelen Aug 08 '18 at 17:17
-
Thank you for help,I will look into these links. – Zain Malik Aug 08 '18 at 17:23
1 Answers
1
Your firebase code is sitting with the rest of your website code. I do not believe there is any major issue unless you are using a client side rendered framework for your web application and have left your configuration keys for firebase in the frontend and on top of that your firebase access rules are set to public. Setting the proper firebase rules - you may want to read this: https://firebase.google.com/docs/database/security/ is most important. This applies to all Storage, Database and Authentication.
Saket Tawde
- 26
- 3
-
So basically authentication rules will do the work,Thank you for your help,I will look into it. – Zain Malik Aug 08 '18 at 17:22