How to secure twitter codes on a web server?

Hello, so this morning I successfully created a Twitter code redeem system using a webserver I purchased recently. I am new to JSON and web servers in general and was wondering what the best way to secure the codes is? My webserver and domain both have security given by the hoster(I purchased the security) but I don’t know if this is enough. I currently have a file within the webserver FTP called “Codes.json” which is just a JSON table with all the codes. I assume this isn’t secure but maybe it is I have no idea. Any way I can secure it more? Is there a different method to storing the codes?

Unless you plan on telling what the address is and how the Json table is layed out and what the server is expecting in a request then security isn’t much of an issue. I am not particularly sure how your web server is set out but whenever I’ve made a server in Python I have always just verified any actions and have a log of anyone who tries to mess with my server. I believe your security is to prevent people spamming and DoSing the server and not just general usage of the webhook or request api your using.

Honestly you could have just used the Roblox datastores and it would have been cheaper and free - like seriously I could just have a list of codes which a user could use and the actions each code will do and then save in a datastore under a player’s id a section called “codes” and append the code into that - you then check if the code is already in codes and if it is then they’ve claimed it and I can say “you have redeemed it, not having another”. Saves you money to be honest but its whatever you think suits your design and how interactive / live you want it to be whilst a servers running.

Most developers will shutdown the game when a code is added because they usually have updated the game as well. Only time I’d consider using a web server for this would be when I plan to not shut down my game for a solid week and then I’d make requests.


Thank you a lot! Yeah I was originally going to just use datastores but I figured expand what I know and explore some areas I don’t really understand too well. I want to do more with Web Servers /HTTPService eventually, figured this would be a good place to start! Again thank you

I use pastebin for twitter codes, with an unlisted paste. Secure enough imo, and easy to access through HTTPService as well as change the codes whenever I need to by just going to the pastebin website and logging in. Updates in live servers, and completely free.