+ 4
Hacked my code 🙁
A fellow named "HRX" Has done some modifications in my recent code - chat application. I don't know how that felow hacked 😒. Help me to resolve the problem 🥺 https://sololearn.com/compiler-playground/WeDbqc7f626d/?ref=app
9 Antworten
+ 5
Vidhya Tharan if that person has modified your code without asking your permission or hasn't given you credit. You can message any mentor or write an email regarding this by attaching your code and his code at info@sololearn.com.
+ 6
No one modified your code.
You allow anyone to chat without any sort of registration. I can run your page many times and use a different name and put whatever messages I want. That is not someone hacking. You simply don't have any security in place.
Normally chat tools like this require some authentication and also have filters for content to prevent posting offensive content or links and other measures to protect the chat. With none of that in place, your chat will get filled with garbage.
+ 4
I have now fixed the problem by clearing the firebase storage 👍.
+ 3
He probably have somehow gotten access to your firebase api key. I'm glad it's fixed now !
+ 2
Alright
+ 2
Hello,
I'm sorry to hear your code was compromised. Here's a step-by-step guide to help you identify and resolve the issue:
1. Assess the Damage
Identify Changes: Compare your current code to a recent backup or version control system (e.g., Git). Look for modifications made by "HRX."
Check Logs: Review server and application logs for unauthorized access or suspicious activity.
Statistics for Spotify
https://www.spotify-stats.com
+ 1
Maybe you can limit the length of the message and also set an internal limit on the number of messages stored. You can delete earlier messages if that limit is exceeded.
You should also limit the number of uploads to discourage automated attacks.
Don't leave your site open for people to throw garbage into.
+ 1
Quelq'un parle t'il français ici??
+ 1
You'll need some Firebase security rules for not letting everyone to do everything. Since there's no authentication, this is challenging. At least create a rule so no one can delete/edit messages (or docs) there.