Ruby on Rails applications Security Checklist

Ruby on Rails applications Security Checklist

Summary

This document provides a list of security measures to be implemented when developing a Ruby on Rails application. It is designed to serve as a quick reference and minimize vulnerabilities caused by developer forgetfulness.

Zen Rails Security Checklist

Read Full Document. https://github.com/brunofacca/zen-rails-security-checklist 

 

 

Advertisements

Mac shortcuts

Command(⌘)+space to search and open any application

Command(⌘)+t to open a new chrome tab

Command(⌘)+w to close a chrome tab

Command(⌘)+option(⌥)+arrow(→) to navigate chrome tabs

Command(⌘)+l to jump to chrome search bar

Command(⌘)+option(⌥)+h to hide apps other than the one you’re on

Command(⌘)+h to hide the app you’re on

Control+a to jump to the beginning of the line

Control+k to delete the line after the cursor

How To Install Elasticsearch 1.7 on ubuntu

How To Install Elasticsearch 1.7 on ubuntu

Install Java 8

sudo add-apt-repository -y ppa:webupd8team/java
sudo apt-get update
sudo apt-get -y install oracle-java8-installer

Now that Java 8 is installed, let’s install ElasticSearch.

Run the following command to import the Elasticsearch public GPG key into apt:

wget -qO - https://packages.elastic.co/GPG-KEY-elasticsearch | sudo apt-key add -

Create the Elasticsearch source list:

echo "deb http://packages.elastic.co/elasticsearch/1.7/debian stable main" | sudo tee -a /etc/apt/sources.list.d/elasticsearch-1.7.list

Update your apt package database:

sudo apt-get update

Install Elasticsearch with this command:

sudo apt-get -y install elasticsearch

Elasticsearch is now installed. Let’s edit the configuration:

sudo vim /etc/elasticsearch/elasticsearch.yml

change
network.host: 192.168.0.1

to

network.host: localhost

Now start Elasticsearch:

sudo service elasticsearch restart

Test it

curl -X GET 'http://localhost:9200'


{
  "status" : 200,
  "name" : "Authority",
  "cluster_name" : "elasticsearch",
  "version" : {
    "number" : "1.7.5",
    "build_hash" : "00f95f4ffca6de89d68b7ccaf80d148f1f70e4d4",
    "build_timestamp" : "2016-02-02T09:55:30Z",
    "build_snapshot" : false,
    "lucene_version" : "4.10.4"
  },
  "tagline" : "You Know, for Search"
}

Install mongodb and security setting

Install MongoDB
1 Import the public key used by the package management system.

The Ubuntu package management tools (i.e. dpkg and apt) ensure package consistency and authenticity by requiring that distributors sign packages with GPG keys. Issue the following command to import the MongoDB public GPG Key:

sudo apt-key adv --keyserver hkp://keyserver.ubuntu.com:80 --recv 7F0CEB10

2 Create a list file for MongoDB.

Create the /etc/apt/sources.list.d/mongodb.list list file using the following command:

echo 'deb http://downloads-distro.mongodb.org/repo/ubuntu-upstart dist 10gen' | sudo tee /etc/apt/sources.list.d/mongodb.list

3 Reload local package database.

Issue the following command to reload the local package database:

sudo apt-get update

4 Install the MongoDB packages.

You can install either the latest stable version of MongoDB or a specific version of MongoDB.
Install the latest stable version of MongoDB.

Issue the following command:

sudo apt-get install mongodb-org