Settings and activity

1 result found

1. The ability disable default domains

   43 votes

   Vote Vote Vote

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close

   Vote

   We’ll send you updates on this idea

   4 comments  ·  General » Hosting  ·  Delete…  ·  Admin →
   How important is this to you?

   Not at all You must login first! Important You must login first! Critical You must login first!

   We're glad you're here

   Please sign in to leave feedback

   Signed in as (Sign out)

   Close

   Close
   Good guy supported this idea  ·  Aug 21, 2024
   An error occurred while saving the comment
   Good guy commented  ·  Aug 21, 2024  ·  Edit…  ·  Delete…

   No firewalls can be added to default domain, the default domain can be scanned and the database can be injected If no firewalls such as Cloudflare can be added to it

   Save Submitting...
   An error occurred while saving the comment
   Good guy commented  ·  Jul 7, 2024  ·  Edit…  ·  Delete…

   Quote: "Hi Support,

   I understand, but giving a site a lengthy and random name is not resolving the case, same as robots.txt, which is for search engine robots only.
   Because the loophole here is in the DNS lookup system, one can easily see the TXT records that contains the project name and therefore find the unprotected default domain name, especially when I am using the custom domain to connect to the firebase functions server. It generates extra costs If attacked and even data leakage when scanned by some tools If not protected by a firewall. How do I resolve this?
   All in all, I do not want my proejct ID to be public and so as the default domains, because it cannot be protected by firewalls like Cloudflare and subject to DDOS attacks etc. Thanks."

   Save Submitting...