The present disclosure is directed to protecting data stored at a database in a manner that increases data protection minimizing performance reductions. Apparatus and methods consistent with the present disclosure may collect information from user devices from which user inputs are received when collecting data that may be used to protect database data. Methods consistent with the present disclosure may identify code paths traversed, pages of program code where actions were initiated, and functions associated with those actions. This information may be cross-referenced with a set of data, constraints, rules, or command parameters when data associated with a database query is initially associated with an “allow” action or a “deny” action. This information may also be used to evaluate whether newly generated database queries should be allowed to be sent to a database server or to identify whether a database request should be blocked.