Editorial

Security

Using SSL in Rails Applications

If your web application manages any private information, you should be using SSL (https://) for pages where that information is entered or displayed. Fortunately, implementing SSL isn't too hard, once you know what you need to do. continue...

Articles

New Articles
from around the Web

Ruby on Rails Security Guide
Nakul Aggarwal and Ritesh Arora

A great list of issues to pay attention to, and techniques to use, to improve the security of your Rails application.

Books

Sorry, no books yet
for this category

Have one to suggest? Enter in the form on the right.

Links

Links by Type

Groups (2)

Ruby on Rails: Security
Announcement-only list for issues relating to Rails security.
Open Web Application Security Project (OWASP)

Screencasts (6)

Railscasts - Filtering Sensitive Logs
Are you accepting sensitive user data? Passwords, credit card numbers, etc. By default, Rails stores all submitted parameters in plain text in the logs. This episode will show you how to filter this sensitive input so it doesn’t show up in the log file.
Railscasts - Filtering Sensitive Logs
Railscasts - Cross Site Scripting
Railscasts - Hackers Love Mass Assignment
Railscasts - SQL Injection
restful_authentication

e-Books (1)

Rails Security Audit PDF | PeepCode Screencasts for Ruby on Rails Developers
Detailed ebook on keeping your Ruby on Rails application secure.

Blogs

Top Blogs

CSRF - An underestimated attack method
Heiko
Moves On Rails : Rails Security
Ruby on Rails Security Blog
Heiko Webers

Exploring the Security of Rails and associated technologies.

Ads from Ruby Row

Browse

Join Our List

And we'll let you know when we post major new site updates.

We Welcome
Your Feedback

Have a link to suggest? Or just an opinion to share? We want to hear from you.

Note: Comments entered here will be sent to the editors, not displayed. You can enter public comments on article pages and blog posts.