30 Mar '12, 1am

14 Bare Minimum Security Checks Before Releasing a Rails App:

When you upload your latest app to a production Web server and open it up to the world, you're really throwing your app to the elements - good and bad. If you don't pay any attention to security whatsoever, you're likely to fall foul of some cracker's nefarious scheme and your users will be complaining when something doesn't work or they're being spammed by geriatric Nigerian clowns with pots of gold to share. But what to do? Luckily, help is at hand in the shape of the official Ruby on Rails Security Guide, but Irish Rails developer Matthew Hutchinson has trawled through that guide as well as several illuminating blog posts relating to Rails security, and put together a 14-step checklist of "bare minimum" security checks to do before releasing your Rails app. In summary: Don't trust logged-in users. (Authentication is one thing, authorization to perform certain tasks is ...

Full article: http://www.railsinside.com/tips/486-14-bare-minimum-secur...

Tweets

omgbloglol - Improved validations in Rails 3:

omgbloglol.com 30 Mar '12, 8am

Improved validations in Rails 3 Quite sorry about not getting another post up sooner; I’ve been very busy lately with a fe...

Introducing Bloggy: A simple way to add a Jekyll blog to any Rails application

engineyard.com 31 Mar '12, 9pm

We have been working hard on making RVM rock-solid, and to prevent regressions while simultaneously fixing and improving i...

Sam Ruby: Keeping it on the Rails

intertwingly.net 28 Mar '12, 9pm

The previous error that was caught was connection pool of new applications have size 1. This demonstrates the unique valu...

Rails 3.2.3.rc2 was released

weblog.rubyonrails.org 29 Mar '12, 4pm

Rails 3.2.3 introduced a new option that allows you to control the behavior of remote forms when it comes to authenticity_...

Rails 3.2.3 was released!!!

weblog.rubyonrails.org 30 Mar '12, 10pm

Rails 3.2.3 also introduces a new option that allows you to control the behavior of remote forms when it comes to authenti...

Ruby on Rails Guides: Rails Form helpers:

guides.rubyonrails.org 28 Mar '12, 5am

Forms in web applications are an essential interface for user input. However, form markup can quickly become tedious to wr...

We have a Rails on OS X script, among other ope...

robots.thoughtbot.com 30 Mar '12, 9pm

I was reminded that I’ve been missing out on our sweet laptop script, which is a program we maintain to get a Rails enviro...

Ruby Best Practices - Rails Modularity for Lazy...

blog.rubybestpractices.com 28 Mar '12, 4am

Rails Modularity for Lazy Bastards 2009-04-16 04:31, written by Gregory Brown When we develop standalone systems or work o...

Am I missing something or is this page laughabl...

guides.rubyonrails.org 01 Apr '12, 2am

The very first parameter, a string, is the text of the link which appears on the page. The second parameter, the options h...

Help Yehuda Katz make Rails on OS X easy again!...

rubyflow.com 29 Mar '12, 4am

Help Yehuda Katz make Rails on OS X easy again! (on Kickstarter) Posted by chaostheory on March 29, 2012 — 0 comments Yehu...

[railscasts] Upgrading to Rails 3.2

railscasts.com 01 Apr '12, 9am

Rails 3.2 sports many new features including automatic explain queries, tagged logging, key-value store in Active Record, ...

Walken on Rails

rubyflow.com 01 Apr '12, 8pm

Walken on Rails Posted by laserlemon on April 01, 2012 — 1 comment For quite a while now, Collective Idea has been working...

Rails isn't for beginners

rubyflow.com 03 Apr '12, 7pm

Rails isn't for beginners Posted by stephenballnc on April 03, 2012 — 0 comments I've just written a post on Rake Routes: ...

Engine Yard releases a Developer Center for Rub...

engineyard.com 01 Apr '12, 6pm

S02E12: Engine Yard Support Tasha Drew, our Success Manager interviews some of our awesome Support Engineers: John Yerhot,...

Fitness apps: Fitocracy social media site goes mobile with new ...: Social network site Fitocracy has a new app

militarytimes.com 29 Mar '12, 6pm

Fitness apps: Fitocracy social media site goes mobile with new — free — iPhone app Social network site Fitocracy has a new...