Articles tagged security

Code reviewing as a mindset

Code reviews are more than proper indentation and method length. They're about understanding your software, and developing a better team of developers. Here's my approach to the code review practice. (January 16, 2017)

Going HTTPS-only in Rails with Let's Encrypt

Serving your Rails application over HTTP? Starting this month, your users may start receiving security warnings when visiting your site. Protect their safety and privacy quickly and easily with Let's Encrypt. (January 09, 2017)

Rails security essentials

Rails provides excellent support for software security, but you need to know how and when to apply those supports for them to work. Here's an overview of tools you can use to keep your applications safe. (December 12, 2016)

Clearance: The other Rails authentication gem

Looking for a well-balanced authentication solution? Check out Clearance as an alternative to Devise and has_secure_password. (January 23, 2016)

Authorization advice for Rails 3 and beyond

Here's the general process I follow whenever adding authorization—the logic that says what a user's allowed to do—to my Rails applications. (October 06, 2011)

Rails authentication today: Options for 3.0 and 3.1

There's no shortage of approaches to adding password-based security to your Rails applications. Here's a look at the current lineup. (September 21, 2011)

Obfuscated URLs with the FriendlyId gem

SEO-friendly URLs are great, but what if you want to obfuscate things a bit? Here's a proof of concept of one way to get the job done with the FriendlyId gem. (March 11, 2011)