• Projects -
  • Rating -
  • Rating 726

Budget: 180 EUR Deadline: 5 days

Good day! Security audit before launch is our specialty (we run the security practice GuardLabs: monitoring, access leak detection, hardening). I will break it down specifically for your stack.

Block 1 — security (key for Supabase):
- RLS — priority #1. I will check EVERY table: whether a user can access foreign rows directly through PostgREST/REST API bypassing the interface (weak policy = client reads foreign data bypassing UI). Tests under different roles/accounts.
- Keys: the frontend should ONLY have the anon key, service_role — never. I will check the JS bundle for secret leaks.
- Auth: registration, email verification, password reset, session lifetime and invalidation, brute force protection.
- XSS / injections / validation; CORS; CSP / HSTS / X-Frame headers; TLS; rate limiting on sensitive endpoints.
- GDPR: proper deletion of the account and all its data (without "soft-delete" remnants).

Block 2 — readiness: Lighthouse/PageSpeed with specific reasons and fixes; mobile responsiveness + cross-browser compatibility; forms, broken links, 404; basic SEO (meta/robots.txt/sitemap); correctness of analytics; backups + availability monitoring.

  • Projects 14
  • Rating 5.0
  • Rating 3 952

Budget: 200 EUR Deadline: 10 days

I will conduct an external audit of the online service before launch: Supabase RLS/Auth, access to personal data, keys in the frontend, XSS/validation, CORS, security headers, HTTPS, GDPR scenarios, speed, mobile adaptation, forms, SEO, analytics, backups, and monitoring.

You already have test accounts prepared with different roles and datasets to check the main issue: can one user through the frontend, API, or Supabase queries access another user's records from the dashboard?

Budget and deadlines will be discussed in personal correspondence after reviewing the test copy, description of roles, Supabase schema, RLS policies, VPS/Apache configuration, analytics, and the desired report format critical/high/medium/low.

Similar project: Fix 5 problems related to the Facebook API in an OpenCart module
Corporate Website for ILC Phoenix (WordPress/Elementor)
  • Projects 20
  • Rating -
  • Rating 2 116

Budget: 200 EUR Deadline: 10 days

Good day. I understand the task: an external audit of the online service before the public launch, which includes registration, personal accounts, and calculators, and stores personal data. The stack is a static frontend plus Supabase with PostgreSQL, RLS, and Auth, VPS on Apache with HTTPS, third-party email distribution, and web analytics. Two blocks are needed, security and readiness for launch, with a structured report output by levels of criticality and recommendations.

Regarding security, I will cover exactly the points you listed. For Supabase, the main focus is on RLS policies: I will check each table to ensure that users cannot access foreign rows through direct queries to PostgREST, as weak policies allow clients to read data bypassing the interface. I will also separately check if service keys are exposed in the frontend (only the anon key should be present, never the service_role), input validation against XSS and injections, the entire authentication flow (registration, email verification, password reset, session lifetime and invalidation), CORS and CSP headers, HSTS, TLS, rate limiting on sensitive endpoints, and proper account and data deletion under GDPR.

For readiness for launch, I will check speed using Lighthouse and PageSpeed with specific reasons for any drops, mobile responsiveness and cross-browser compatibility, form functionality, broken links, the 404 page, basic SEO with meta, robots.txt, and sitemap, correctness of analytics, availability of backups, and monitoring of accessibility.

I have practical experience in such audits: I have gone through full cycles of security, data, and infrastructure audits before releases on my projects, and I constantly work with PostgreSQL and RLS. The report will be structured by criticality: critical, high, medium, low, where each issue will include the essence, the threat it poses, and how to fix it.

I am ready to take a test copy and access to assess the scope more accurately. Approximately how many tables are in Supabase and how many separate calculators are in the service?

  • Projects 37
  • Rating 5.0
  • Rating 2 335

Budget: 100 EUR Deadline: 4 days

Good day! I offer a comprehensive website audit. Here is an example of QA: https://qa-titan.vercel.app and here is an example of SEO: https://seoanalysis.pp.ua/salesdep/index.html I can also additionally perform an analysis of security issues and code architecture. I have experience as a full-stack developer in JS, PHP, and DevOps (VPS administration).

  • Projects 11
  • Rating 5.0
  • Rating 1 773

Budget: 15000 EUR Deadline: 7 days

We have experience in conducting security audits for services based on Supabase and PostgreSQL. We will analyze the RLS settings, the correctness of Auth functionality, and the security of your VPS. We will implement this through comprehensive vulnerability testing and configuration checks before the release to ensure reliable protection of users' personal data.
