This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Difference between revisions of "Ruby on Rails Connection Security Cheatsheet"

From OWASP
Jump to: navigation, search
(Created page with "When securing a rails application it is essential to enforce connection security. Its is done with simple configuration in rails by enabling TLS and forcing it: <syntaxhig...")
 
(No difference)

Latest revision as of 14:56, 28 February 2018

When securing a rails application it is essential to enforce connection security.

Its is done with simple configuration in rails by enabling TLS and forcing it: 

  # config/environments/production.rb
  # Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies
  config.force_ssl = true

Uncomment the line 3 as above in your configuration for production.

Retrieved from "https://wiki.owasp.org/index.php?title=Ruby_on_Rails_Connection_Security_Cheatsheet&oldid=238178"