O'Reilly logo

Learning Rails: Live Edition by Edd Dumbill, Simon St. Laurent

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 18. Securing, Managing, and Deploying Your Rails Projects

When most people think about building a web application, they think about the design, programming, debugging, testing, and all the work that has to happen before an application goes live. Writing the code—while, of course, critical—isn’t the only major technology puzzle that has to get solved before an application runs. Bringing that application to the public (or even to an intranet) requires a few more critical steps that are as much about system administration as about code. The Rails framework approach is quite different from the usual CGI or PHP approach, so there are a fair number of Rails-specific issues you need to address.

First, you need to be prepared to battle the hostile nature of the Web. Every publicly exposed application will be tested and tried by a variety of visitors that you may not want or like, and even private applications sometimes face challenges from users. Using Rails isn’t particularly dangerous, and a lot of key techniques for protecting your applications from harm have already been covered. Nonetheless, it’s worth reviewing some Rails features that can be especially helpful.

Securing Your Application

It’s best to consider your application’s security before deploying it rather than after. It’s much easier to test for security leaks in the relative privacy of development mode, when only the schedule is a likely obstacle, rather than in a publicly available installation with real users who will ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required