Bloxtech Applications V2 | Free application centres | Web interface

Hello! My name is Jonas. Together with @chrisopdemobiel, I founded Bloxtech Applications.

We’re a company which provides free application centres for roblox groups, or anything similar.

Instead of reading your responses in-game or in trello, we have made a whole webpanel for you to use. And just because we love our product, we provide fast and free support. We aim to have every enquiry answered within 24 hours.

We provide support over:

  • Discord
  • Live-chat (from any page on our website)
  • Facebook messenger
  • Email (support@bloxtech.tech)
  • Twitter (slow response)

Our main features

  • Fully manage and set up your application centre via website
  • Easy set-up
  • High quality support
  • Constant development of new features
  • Nice in-game UI
  • Add multiple roles you can apply for in one centre
  • Give other roblox and groups permission to manage your centres
  • Give anyone permission to edit your application centre, they do not need to be registered in our website yet. The system will recognise them when signing up
  • Log-in with Discord
  • Edit application centres with ease (add, edit and remove questions, enable or disable accepting responses,…)
  • Rank applications passed, processing or failed
  • Unlimited storage of applications

We protect your data

  • Our database is behind a very safe password, only two people (Chrisopdemobiel and I) can access it
  • Your passwords are encrypted using the php password hash method
  • Our staff need to sign a non disclosure agreement

Uptime matters
We prioritise our SLA, we guarantee our services to be online 99% of the time. In order to make this possible.

  • Staged update deploys, we test everything before releasing it
  • Your data does not get wiped upon updates
  • Your data is being stored to a backup every 24 hours.
  • A status page
  • We always have the ability to quickly implement fixes if problems would arise due to our development tools being taken with us every day
  • We have a contract with a company to constantly look after our webserver and stop possible threats. In case the server would go down, they will restore it ASAP, 24/7.

Has your service been tested on high loads?
The short answer is yes. To go into deeper detail, we use Cloudflare to cache similar requests. Combined with the speed our server handles requests, this leads into less pressure on the server.
We’ve tested our Web server’s capacities when we were using our V1. Around a few thousand request came in during peak times, our server managed to stay online & quick.

We care about your security

  • Before our support team does anything on your Bloxtech account, they will first verify it is actually you.
  • We’re working on implementing 2FA

Questions, questions and questions!
We support multiple types of questions:

  • Text answer
  • Multiple choice
  • Rate from 1 to 10
  • Typing speedtest

Huzzah! Let’s dance
Our application centre includes several popular songs which are playing in-game! Show your dancing skills!

Seeing is believing :eyes:
Of course, we completely agree. Check out our application centre here!


What is currently on the roadmap for future updates?
A lot!

  • Discord webhook notifications (When an application gets sent…)
  • Commenting on responses
  • 2 factor authentication
  • Ranking bots
  • Log in with google
  • Placing Google ads on our site (to generate revenue and pay for our servers)
  • Use Zendesk instead of several support tools, this will allow us to improve our support
  • Apply via our website instead of in a game
  • Buy advertisements to be shown in application centres
  • Be paid to show advertisements in your application centre (not confirmed)

  • Post your suggestions down below! :wink:

I hope I informed you pretty well and that this might be useful for some of you to use instead of developing these application centres yourself. :smiley:

28 Likes

Is it hashing or encryption? Hashing is a one-way function, while encryption implies reversibility. If you aren’t actually hashing passwords, that would be a pretty major security concern.

10 Likes

Hi,

I’m not sure how many are still using application centers but I believe that Developers will greatly benefit from an In-Game Feedback system, I will definitely use it however my concern is that you and your partner can see the data, it shouldn’t be accessible to you and your staff unless required only when absolutely necessary.

4 Likes

Some questions…

  1. Why should people use Bloxtech over a competitor?
  2. Do you have any background in building web apps to be used on huge scale
  3. Have you stress-tested your app? Have you pentested it?

How can we trust you?

Is there compensation if you do not meet the guarantee?

Why? What data do they have access to?

PHP is unsuitable for building modern and secure web applications. This is not a site I would trust with my e-mail address, let alone my password or users’ data.

Moreover, you don’t seem to know how it’s actually hashing it. For all we know, it could be MD5 or SHA1.

7 Likes

Databases shouldn’t be open to external connections. You should only be able to connect to a database from within the server it’s running on (in most cases).

Hashing and encrypting are two very different things. Which are are using? What algorithm are you using?


All of these features are already provided by trusted competitors. What makes you different?


Do I have your permission to do some penetration testing on the site?

7 Likes

Our apologies for the inconvenience. We have our passwords using PHP’s function password_hash() which makes use of a strong algorithm which makes it irreversible to retrieve your password.

2 Likes

We can’t access your data directly and all external connections are blocked. Only our servers can submit queries to the database for saving/retrieving data.

How does that work? Sorry if I’m asking a lot of questions.

1 Like

Have you tried the emulator or an actual mobile device?


This is too clustered; the mobile controls get in the way and don’t do anything productive, the text box doesn’t even respond to being tapped on, and some of the text is sliced. I’d suggest designing your UIs in the emulator and then working on making them look good on bigger screens.

4 Likes

Why does the website not have Cloudflare installed? Your website could be vunerable to DDOS attacks and many others.

Apart from that, what’s different from your service and others?

1 Like

Our site is being protected by CloudFlare and we use it too to optimize our website:

We at BloxTech Group are providing professionalism and quality.
Many of our competitors are hiring employees without actually screening them and enforcing an agreement (ending up into permission abuse and data breaches), have lots of downtimes, are having lots of bugs, are publishing updates without really testing them, are actually forgetting about privacy and legal requirements and/or more things that are affecting the quality of the services they’re providing.

For us, what we’ve built is not our final product. This is the beginning for many more features and services as we’ve planned internally.

4 Likes

:warning: We’re currently adding some more security layers to our admin panel.
Therefore, our admin panel is currently disabled to prevent abuse of these features. We’re now fixing things up and rewriting several scripts. To keep up to date with the status of the maintenance, please take a look at our status page.

3 Likes

:white_check_mark: Issues resolved
Sorry, we forgot to post an update here. The issues were resolved. :wink:

2 Likes

I only use cloudflare for their dns servers, I don’t even proxy. I just don’t trust russia to host my dns servers.

Cloudflare isn’t the only way to prevent DDoSing. I don’t use their ddos protection. I’ve had to have one of my servers even lag. It’s about how you manage the traffic.

I know AWS, OvH, DigitalOcean’s networks can take the traffic. It’s about how you manage it on your server.

1 Like

May I ask which hashing algo you use for passwords?

What is your experience also?

Have you tested for SQLi/XSS on the site??

Do you validate requests to the database for security?

1 Like

Thanks for the suggestion! We’ll decide later on whether or not our DDOS security should change. :wink:

Of course you may! :slight_smile: We use the php password hash function. :wink:

Experience on what?

Yes, we indeed have! We don’t want our site to be vulnerable for any kind of attacks. :smiley:

Yes, all request are being validated before being executed. In case something would happen and data is being destroyed, we automatically back-up our database every 24 hours.

Kind regards,
Jonas

1 Like

Will you be releasing a “pro” or upgraded version for people who are willing to pay Robux or USD for it?

Examples of the features it might have:

  • Fully customize-able design
  • Roblox Ranking Bot
3 Likes

We’re indeed working on a pro version! Currently we are developing ranking bots. :blush: We’re as well developing a customizable in-game layout. However, what do you think of when we say fully customizable? Just the colors, or?

1 Like

That’s wonderful that you sanitize. Many forget.

Which version of PHP are you using? BCrypt as default wasn’t introduced til fairly recently. (5.5+).

Also, to another matter:
Was lightspeed a choice, or are you using a web host?

1 Like

Haha, so did I. @chrisopdemobiel reminded me to make sure to sanitize before using variables in queries. :slight_smile:

7.2.26

We’re using a web host :slight_smile: However, we’re as well running some stuff on a VPS.

Kind regards,
Jonas