Forum: Rails deployment Rails is secure

Announcement (2017-05-07): is now read-only since I unfortunately do not have the time to support and maintain the forum any more. Please see and for other Rails- und Ruby-related community platforms.
79ba2393f214ecd2ece4a4cecb8fd4ec?d=identicon&s=25 H. Webers (Guest)
on 2007-02-28 00:44

I think many of us share the perception of Rails being a  "secure"
And that might well be true, because we need less code to get  things
done and
less code means a better overview of what's happening.
But though Rails seems to be safer, doesn't allow us to lean back.
There  has
been a security bug in Rails last year and even in Ruby.

In fact most of the security issues with web sites or  web  applications
necessarily stem from the programming language or framework we use, but
web applications in general.

I've therefore started a new web site about Ruby  on  Rails - it's
about  the
technologies around Rails and it's about its security.

                      It's at

I kindly ask you to take a look at it, put a link on your blog and tell
to spread the word and make Ruby on Rails THE secure framework.
In the next few months I will address the secure configuration of web
how to securely set up MySQL, Rails and Subversion. Also  the  common
such as  SQL injection, Cross Site Scripting and many more, will be
as well as its countermeasures.

Best regards,
  H. Webers
0bcc972918891ef358b0b3dfb4e7f18b?d=identicon&s=25 Hammed Malik (Guest)
on 2007-02-28 01:01
(Received via mailing list)
Good idea. Some of us are now having to manage VPSs as part of our rails
deployments and any rails focused information on securing them would be

This topic is locked and can not be replied to.