Firebase Client access to your Realtime Database expiring in X days

Question

This is what i got form the mail from firebase.

Firebase Client access to your Realtime Database covid-19-tracker-17659 is expiring in 4 day(s)

You chose to start developing in Test Mode, which leaves your Realtime Database instance completely open to the Internet. Because this choice makes your app vulnerable to attackers, your database security rules were configured to stop allowing requests after the first 30 days.

In 4 day(s), all client requests to your Realtime Database instance will be denied. Before that time, please update your security rules to allow your app to function while appropriately protecting your data. Analysis is run daily; if you've modified your rules in the last 24 hours, those changes may not be accounted for.

My Realtime database rules

{
  "rules": {
    ".read": true,  
    ".write":true  
  }
}

What changes should i do in my security rules, so that i can run my project still on test mode.

Answer 1

In my case It was

{
"rules": {
".read": "now < 1679680800000",  // 2023-3-25
".write": "now < 1679680800000",  // 2023-3-25
}
}

I fixed it temporarily in test mood by updating values like

{
"rules": {
".read": "now < 1779680800000",  
".write": "now < 1779680800000",  
}
}

Answer 2

If your application doesn't allow any write operations from the client side you can change the write condition from true to false this makes your database impossible for anyone in the web to access and change the data you made.

But if your application do allow some write operations from the client side and your application uses login authentication you can add this condition to allow the those users who logged in to your application.

{
  "rules": {
    ".read": "auth != null",  
    ".write":"auth != null"
  }
}