On 1/12/2011 1:37 PM, Jeffrey L. Taylor wrote:
Quoting Owain<[email protected]>:
On Jan 12, 2:54 pm, "Donald R. Ziesig"<[email protected]> wrote:
Douglas,
I have been using cron tasks that invoke curl that invokes the routes
that perform the periodic tasks for several years.
Do you wrap some security on those routes at the web-server level or
in the application? If you secure at the webserver, do you do it by ip
address or user/password
Look at local_request? method in ActionController.
HTH,
Jeffrey
I restrict the ip to 0.0.0.0 (localhost) so no one outside the server
can use the route. If someone is able to hack into the server itself,
all bets are off. :-( . So far I haven't had any problems, and the site
has been up for 3.5 years so far.
local_request? would work too.
Donz
--
You received this message because you are subscribed to the Google Groups "Ruby on
Rails: Talk" group.
To post to this group, send email to [email protected].
To unsubscribe from this group, send email to
[email protected].
For more options, visit this group at
http://groups.google.com/group/rubyonrails-talk?hl=en.
