With Firebase Realtime Database, your Database rules is your server side security. You need to be very careful and aware of who has access to your database. It is important that no one gains access to your data that shouldn't.
By default, the Firebase Realtime Database rules allow any authenticated user to read and write all the data, this is probably not what you want your app to do.
Take a look at the below examples for different scenarios.
By default, your database rules require Firebase Authentication and grant full read and write permissions only to authenticated users. The default rules ensure your database isn't accessible by just anyone before you get a chance to configure i