I got an email from: saying: (console.cloud.google.com)
We noticed that your Google Cloud Project has open project firewalls. This could make your instance vulnerable to compromises since anyone on the internet can access and establish a connection to the instance.
The following project has open firewalls:
Playchat (ID: playchat-4cc1d)
Google Cloud Platform provides the flexibility for you to configure your project to your specific needs. We recommend updating your settings to only allow access to the ports that your project requires.
I get a bit confused because in the Firebase console database i have the basic rule at: (console.firebase.google.com)
{
"rules": {
".read": "auth != null",
".write": "auth != null"
}
}
I just started to learn Firebase and asking if someone can explain this? If I have this rules ".read": "auth != null", then why do i get this warning?
There s 2 separate things: 1) Accessing the firebase realtime data base. 2) Accessing the instance that stores runs the application.
Your firebase database indeed blocks unauthenticated users,but your server is still vulnerable to compromises, for example someone can connect to your server and add or update the code.