This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org
Ruby on Rails Connection Security Cheatsheet
From OWASP
Revision as of 14:56, 28 February 2018 by ZaurMolotnikov (talk | contribs) (Created page with "When securing a rails application it is essential to enforce connection security. Its is done with simple configuration in rails by enabling TLS and forcing it: <syntaxhig...")
When securing a rails application it is essential to enforce connection security.
Its is done with simple configuration in rails by enabling TLS and forcing it:
# config/environments/production.rb
# Force all access to the app over SSL, use Strict-Transport-Security, and use secure cookies
config.force_ssl = true
Uncomment the line 3 as above in your configuration for production.