I’m just getting started with Ruby on Rails development and I have a question concerning source code “privacy”.
From what I know so far (i have not done a deployment yet, only used RoR in a local development environment), that when a RoR application is deployed, all the source code is “visible” on the server?
How can I protect my code; so to speak?
By protection I mean, the main purpose being that someone (such as a server administrator on a RoR provider) not being able to “sabotage” the code by easily figuring out what place in the code to “fiddle with”.
How do sites like Shopify, Yellowpages etc. that use RoR, ensure that their code isn’t “sabotaged”?
UPDATE What I’m really looking for is, suppose if I have some code that’s doing Credit Card transactions, I don’t want some rogue employee reading “plain text source code” and sabotaging my website, say by reading my source code and then charging everyone of the signed-up users $10 as a gag. How do I prevent that sort of thing?
Similar to Matt Briggs’s point is that if you don’t trust your web host, you’re addressing the wrong problem.If your web host wants to steal your data, cripple your website, redirect your users, etc., nothing can stop them. Even if the code is fully compiled binary code written in assembler, your admin could still find a hack, replace resources, or replace your code altogether. Moral of the story, find a web host you trust, don’t bother obfuscating your code