I am putting my first Rails app on the internet. I have read the Rails guide on security and have implemented the points listed in there, but was interested to hear of anything else.
Also, I currently store my uploads in public/documents. Is this OK? I noticed there are no .htaccess files protecting the directory.
Storing your uploads in a predictable location is a bad idea if you want to keep them a secret. If you don’t care about people accessing it then it doesn’t matter. Using .htaccess to password protect the directory is a good solution.
You should test your application for vulnerabilities using Acunetix ($$) or Wapiti (open source).
You should also read: What should a developer know before building a public web site?
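An alternative to password-protecting public/documents, shown as an added example that is not part of the original question or answer: keep uploads in a directory outside public/ under unguessable names, and resolve requests to a path only after validating the name. The class name `PrivateUploadStore` and the storage path are assumptions made for this sketch.

```ruby
require "securerandom"
require "pathname"
require "fileutils"
require "tmpdir"

# Hypothetical helper: uploads live outside public/, so the web server
# never serves them directly and the URL cannot be guessed from the filename.
class PrivateUploadStore
  class NotFound < StandardError; end

  TOKEN = /\A[A-Za-z0-9_-]{32}(\.[a-z0-9]{1,8})?\z/

  def initialize(root)
    FileUtils.mkdir_p(root)
    @root = Pathname.new(root).realpath
  end

  # Store data under a random token. Only a sanitized extension is kept
  # from the client-supplied name; its directory part is discarded.
  def save(original_name, data)
    ext = File.extname(File.basename(original_name.to_s)).downcase
    ext = "" unless ext.match?(/\A\.[a-z0-9]{1,8}\z/)
    token = SecureRandom.urlsafe_base64(24) + ext # 24 bytes -> 32 chars
    File.binwrite(@root.join(token), data)
    token
  end

  # Map a token back to a file directly inside the storage root.
  # Anything that is not a well-formed token, does not exist, or resolves
  # (for example through a symlink) outside the root is refused.
  def path_for(token)
    raise NotFound unless token.is_a?(String) && token.match?(TOKEN)
    path = @root.join(token)
    raise NotFound unless path.file? && path.realpath.parent == @root
    path
  end
end

if __FILE__ == $0
  # Constructed sample input; a real app would use a directory such as
  # storage/documents under the application root (assumed path).
  store = PrivateUploadStore.new(File.join(Dir.mktmpdir, "storage", "documents"))
  token = store.save("invoice.pdf", "constructed sample bytes")
  puts "stored as #{token} at #{store.path_for(token)}"
end
```

In a Rails controller, pass the path returned by `path_for` to `send_file` after your own authentication check, and render a 404 when `NotFound` is raised.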