At RBX.Live, also known as RBXLIVE, our user's safety and data is at the forefront of our priorities. We employ various tools in order to constantly monitor our server's traffic for any suspicious activity which could put our users or their data at risk.
Our servers are protected by Cloudflare. Cloudflare provides DDoS protection and an advanced web application firewall.
The packages and external dependencies used by our server are constantly being checked for updates.
Additionally, all user passwords are stored using a strong hashing algorithm. This is to ensure no one can see your password in the possible event of a data breach. Essentially, he password hashing process involves turning your passwords into a bunch of mumbo-jumbo no one can read, not even us. By using this method, we are able to ensure our users the safest and most reliable web experience while earning their robux without fear of being compromised.
When signing in to RBX.Live, the password you provide will be encrypted and then sent over the internet until it reaches our server. Our server will then hash the password you provided and compare it to the one in the database. If the two hashes match, it means you have provided a valid password & an authorization token will be created and sent to the client.
We use JSON Web Tokens to authenticate our users. The issue with using JWT's is that once a token is issued, they will be considered valid by the server until they have expired. Due to the security issues with stateless JWT's, we developed a blacklist system for invalid tokens. When logging out of your account or when clearing sessions, we put the invalidated tokens in the blacklist to prevent unauthorized access to your account. The tokens are then cleared from the blacklist after they expire.
Our databases are configured to listen for requests on the local network only. Thus preventing unauthorized access to our users' data.
If you've found a vulnerability in our website or you want to search for bugs, please contact us. You may be eligible for a bounty!