Protect firebase database listeners from DOS network attack and abuse of simple credentials

Question

Protect firebase database listeners from DOS network attack and abuse of simple credentials

Firebase makes so much sense on the phone. but not for the internet, everyone knows that

I am using firebase
They know the url of the database
They see how the database is structured for the parts that I allow them to read.
A DOS attack can happen by opening many listeners in the database

I want to implement a listener in news feeds, bookmarks and mail drafts so that the user can continue editing from the phone, for example. Yes, I know that the security rules protect the database, so nobody can read other users' data. But that doesn't protect me from abuse.

Is there any other way to use realtime sync without compromising security? in addition to using the cloud-based features to check the link every minute or on click.

+3

javascript security real-time firebase firebase-database

Hady Rashwan 05 Aug 17 at 18:07

source to share

No one has answered this question yet

Check out similar questions:

1347

How should I take an ethical approach to storing user passwords for later retrieval in clear text?

188

How serious is this new ASP.NET security vulnerability, and how can you work around it?

22

How can I lock a Firebase database to any user from a specific (email) domain?

five

Firebase database listeners not starting after a while when authenticating

2

How to secure firebase Cloud Function HTTP endpoint using authenticated token ids and database rules?

0

AngularFire How to Unsubscribe Firebase Database in Real Time

0

How to password protect specific nodes in Firebase Realtime database

0

How to keep part of firebase realtime database offline

0

How to attack Firebase database rules?

-2

Is captcha bad practice? and how to defend against a brute force attacker

Protect firebase database listeners from DOS network attack and abuse of simple credentials

More articles: