Rails Security

June 6, 2018

Here are two quick wins for security that will help you sleep better at night: If you are running Rails 5.2 or higher, chances are you are already using the new Content-Security-Policy feature for Cross-Site-Scripting (XSS) protection, it just needs configuring. The Rack-attack gem for throttling spammy clients, and preventing brute-force login attacks. Both of these are quick to get started with, but will benefit from monitoring and fine tuning. ... Read more

© 2020 Keith P | Follow on Twitter | Git