Security

We never store your data

Data passes through our servers but is never stored. Nothing persists after your request completes.

Try It Free View Source

How It Works

Security Architecture

No Data Storage

Data passes through our servers but is never stored, cached, or logged. Nothing persists after your request completes.

Encrypted Connections

All connections use TLS encryption. Database credentials are encrypted at rest. Optional E2E encryption keeps part of the key on your machine only.

SSH Tunnels

Connect to databases in private networks via SSH. No need to expose your database to the internet.

Role-Based Access

Control who can access what. Set permissions at table and field level.

Audit Logs

Track every action. See who did what and when.

Self-Hosted Option

Run Rocketadmin on your own servers. Full control, no external dependencies.

Query Protection

No raw SQL access

Rocketadmin never allows users to run raw SQL queries. It's too easy to make a mistake—like forgetting a WHERE clause and deleting your entire table instead of one record. All operations go through a safe UI that prevents destructive accidents.

  • No raw SQL execution—all queries built through safe UI
  • Delete and update operations always target specific records
  • Audit logs cannot be bypassed or disabled by users
  • Every data modification is logged with user identity

Common SQL Mistake

-- Intended: delete order #1042

DELETE FROM orders WHERE id="id";

-- Always true! Deletes everything

This deletes all 50,000 orders instead of one. With Rocketadmin, this mistake is impossible—you select specific records to delete.

AI Assistant

I'll update the order status to "shipped" for orders #1042, #1043, and #1047. This will modify 3 records in the orders table.

Confirmation Required

This action will modify data. Please review and confirm.

AI Security

AI that respects boundaries

We use AI to improve user experience—generating queries, explaining data, and automating tasks. But AI operates strictly within your permission settings. It cannot access data or perform actions beyond what the user is allowed to do.

  • AI inherits user's permission level—no escalation
  • Cannot perform destructive operations even if asked
  • All AI-generated actions are logged in audit trail
  • Your data is never used to train AI models

Data

What We Store

What We Store

  • User accounts (email, name)
  • Encrypted database credentials
  • Permission configurations
  • Audit logs

What We Never Store

  • Your database content
  • Query results
  • Business data
  • Cached records

FAQ

Common Questions

Do you store my database credentials?

Yes, encrypted at rest. They are decrypted only when connecting to your database. For self-hosted deployments, you control everything.

Can your employees see my data?

No. While data passes through our servers, employee access is strictly forbidden and we have no tools to view it.

What if Rocketadmin gets hacked?

Attackers would get encrypted database credentials. Data passes through but is not stored, so there is nothing to steal.

What authentication do you support?

Email/password, Google OAuth. Enterprise plans support SSO.

Is the code open source?

Yes. You can audit the code yourself on GitHub.

Do you have a bug bounty program?

Yes. Report vulnerabilities to security@rocketadmin.com. We reward valid reports for real security issues in Rocketadmin.

Questions?

Email us or check the source code yourself.

security@rocketadmin.com GitHub

Ready to build your admin panel?

Join 1,000+ teams. Get started in minutes, not months.

Start Free Trial Schedule Demo

No credit card required · Free plan forever