Someone is exploiting all my apps safety measures

So I had a CAD/MDT (Mobile Database Terminal) for my police RP game and somehow got access to my pages that had all the info to change anything in the CAD and exploited my entire system including spamming my Discord webhook. Does anyone know a way to fix this?

Set privacy rules. Be sure your app is not set to public, everyone can edit.

How could I change that

Go in your setting and check in the General tab. First line.
For privacy, you need to go in Data

It was private, maybe a backdoor?

Chech privacy rules and also API Workflow endpoint. Check if they are requesting auth or not.

So disable “This app exposes a Workflow API”?

For now if you want to prevent any issue and you don’t need that, Sure. But you can also set Data privacy in Data section

How exactly, sorry for being a hassle if I am.

https://manual.bubble.io/working-with-data/privacy-and-security.html

2 Likes

This doesn’t really make sense how is defining a privacy character going to prevent this from happening again.

Do you mean that someone got access to your backend? Change page design and layout? Not data?
If this is the case and you have never set your app something else than private… you may look about your own security (email or pc). Maybe you got hacked. But if you are not sure, You should reach Bubble support.

I figured it out the CAD Owner page could stay up for long enough for someone to change settings.

1 Like

To fix this I added a button you had to click to see the options but it tests if you have the permission!

1 Like

Thanks for your help I have figured the issue out!

1 Like