Good idea. Some of us are now having to manage VPSs as part of our rails deployments and any rails focused information on securing them would be very welcome.
Cheers Hammed On 2/28/07, H. Webers <[EMAIL PROTECTED]> wrote: > > > Hi! > > I think many of us share the perception of Rails being a "secure" > framework. > And that might well be true, because we need less code to get things > done and > less code means a better overview of what's happening. > But though Rails seems to be safer, doesn't allow us to lean back. > There has > been a security bug in Rails last year and even in Ruby. > > In fact most of the security issues with web sites or web applications > don't > necessarily stem from the programming language or framework we use, but > affect > web applications in general. > > I've therefore started a new web site about Ruby on Rails - it's > about the > technologies around Rails and it's about its security. > > It's at http://www.rorsecurity.info/ > > I kindly ask you to take a look at it, put a link on your blog and tell > others > to spread the word and make Ruby on Rails THE secure framework. > In the next few months I will address the secure configuration of web > servers, > how to securely set up MySQL, Rails and Subversion. Also the common > attacks, > such as SQL injection, Cross Site Scripting and many more, will be > addressed, > as well as its countermeasures. > > Best regards, > H. Webers > http://www.rorsecurity.info/ > [EMAIL PROTECTED] > > -- > Posted via http://www.ruby-forum.com/. > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Deploying Rails" group. To post to this group, send email to rubyonrails-deployment@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/rubyonrails-deployment?hl=en -~----------~----~----~----~------~----~------~--~---
