Tag: security

  • Storing SMTP credentials in secrets.yml in a Ruby on Rails Application

    Storing SMTP credentials in secrets.yml in a Ruby on Rails Application

    Rails 4.1 introduced the concept of secrets.yml, a file in which you store all the credentials for your app, separated by environment, so for example, development can talk to Test Stripe and production to Live Stripe. Furthermore, this file is capable of picking up environment variables which allows you to divorce credentials from code. Not properly…

  • Don’t forget to clear your client side state when logging a user out

    Don’t forget to clear your client side state when logging a user out

    When a user logs out from our web site, we are used to clearing the session and that’s it. When you are developing a single page application, you are likely to keep a lot of state on the client side, and that should be cleared too. For Ninja Tools, that meant going from the traditional…

  • Forcing SSL in a Luminus application

    Forcing SSL in a Luminus application

    We tend to be very security conscious at Carousel Apps and one thing we often do is force all our applications to run over TLS (aka SSL), that is, when you go to http://example.com we redirect you to https://example.com. This little article will show you how to do it in a Luminus application. First, add Ring…

  • Run bundler-audit during testing

    Run bundler-audit during testing

    There’s a gem called bundler-audit that checks whether any of the gems in your project have open security advisors against them. A year or so ago there was an infamous month in which Rails itself got three of those. It was terrible and I think bundler-audit is a good idea. My only problem with it…

  • Encrypted home in Ubuntu 8.10

    This article is like a third edition to “Encrypted home in Ubuntu (or Kubuntu… or Debian…)”, although I keep changing the name. It’s the 8.10 edition. Many things changed and I updated the article for those, and the rest should work as well. Motivation Every day we put more and more personal information on our…

  • Encrypted home in Ubuntu (or Kubuntu… or Xubuntu…)

    Encrypted home in Ubuntu (or Kubuntu… or Xubuntu…)

    This article is like a second edition to Encrypted home in Ubuntu (or Kubuntu… or Debian…). Important changes include that I have tested it for Ubuntu 7.04 Feisty Fawn and it works, but the devices are sd instead of hd due to all hard disk being viewed as SCSI (I am not sure why). Also…

  • Encrypted home in Ubuntu (or Kubuntu… or Debian…)

    The explanations you’ll find here have been tested with Ubuntu 6.10 (Edgy Eft) and Kubuntu 6.10 (Edgy Eft), they should work without any problem in other members of the Ubuntu family and with minimal changes in other Debian-based distributions like Debian itself or Mepis. In other distributions it might require even more changes.