Great info here for securing Rails site. Did not know of sanitize but I am going to use it. Thanks 🙂
Any thing on the net is vulnerable to attack. The threat can be at any layer: database, web server or web application. Some of the common security threat are : Cross Site Scripting (XSS), Cross Site Request Forgery (CSRF, XSRF), Man in the Middle (MITM), SQL Injection (SQLI), Mass Assignment & Parameter Injection etc . There is nothing like complete protection. There is a proverb in hindi “taala sarifon k liae hota hai…choron k liae nahi” , means “Lock on the door can prevent good peoples from entering the house not the thieves“. But at least the lock can make the thieve to struggle for entry and provide 60% security to our house.
Rails framework, provide 70% inbuilt security if you use all its feature properly and adhere to its security guideline . Web Security is a wide field in…
View original post 2,055 more words