How to Fix Api Exposure to Packet Capture apps?

Now it became very easy to hack kodular apps which uses api for online db, I tried kodular cryptography to encrypt data but when decrypted by the server returns different value, Is there any way to encrypt and decrypt data on kodular and server side, or to hide the api from capturing apps? I use mysql on vps server and the api is made by nodejs, Please help me with the security of the db, Thanks in advance.

You can detect intalled apps on users device, if you found any packet capture apps then close application.

Still got hacked, Maybe Kodular is worst at handling hacking.

U mean http canary, net guard etc?

@annaschawdhary157 Yes

1 Like

Hey how ur app got hacked can u please explain bcz m also using kodular from long time and i get 50k+ Downloads on my app but still my app not hacked by anyone…u can also use my Extensions for secure ur Database/token/api/secret as well.

1 Like

Whats ur app name?

Why u r going off topic??

I think u don’t know these apps need an vpn connection to capture(links, api, etc)…
Put a block to check vpn connection is available or not…

If connection available then do this{
}
Else {
}

1 Like

This post was flagged by the community and is temporarily hidden.

@hemantadahalofficial please tell the extensions used by you, it will be very helpful.

Which Database u r using? And what type of ur apps?

If your using mysql, protect your website by integrate with cloudflare… I have been facing same problem from 1 year… now its not capturing any api calls…

@netsolutions1 It’s for webhosting & websites with php, mine server runs on nginx.

No, By integrating Cloudflare your API isn’t secure.

You Should Assign Tokens to your users every single time they log in to your app.

@Ottoman whenever a person captures api, It also capture headers which contains Tokens.

Whaaat? Sure you didn’t make something wrong? May be it is a bug in this component, in this case you should report it to Kodular staff. And most likely, your blocks or in your server you made something wrong.

you might want to try the aes extension App Inventor Extensions: AES Encrypt/Decrypt | Pura Vida Apps
for server side see Q4 there App Inventor Extensions: AES Encrypt/Decrypt | Pura Vida Apps

Taifun

1 Like

:joy::joy::ok_hand:. I can’t do anything if you didn’t understand the logic :grin: