tags:

views:

63

answers:

1
Q: 

How to deal with Denial of Service attack and Session fixation and Cross Site request forgery in Rails?

Hi,

I have just started learning Ruby on Rails.

I happened to look for prevention of DNS attacks in Rails and ended up reading about DNS, Session fixation and Cross Site request forgery in Rails?

How do you prevent all the above three attacks??

Could you suggest me a good tutorial on how to deal with attack in RoR?

Looking forward for your help

Thanks in advance

Regards,

Gautam

A: 

CSRF: Rails has built-in protection against these attacks that is turned on by default. See this article.

Session Fixation: This article has some decent info.

Denial of Service: Not sure there's anything Rails-specific to be done, but I have almost no experience dealing with these. I just let my outstanding host deal with them.

rspeicher  2010-06-01 19:31:06

related questions

Best place to get Ruby on Vista up and running as dev environment
How can I encode xml files to xfdl (base64-gzip)?
What is the best way to learn Ruby?
Learning Ruby on Rails any good for Grails?
How to sell Python to a client/boss/person with lots of cash
How do I create a Class using the Singleton Design Pattern in Ruby?
How do I update Ruby Gems from behind a Proxy (ISA-NTLM)
Why Should I Learn Ruby?
How do I create a new Ruby on Rails application using MySQL instead of SQLite?
How do I rake tasks within a ruby script?
Ruby On Rails with Windows Vista - Best Setup?
Mapping values from two array in Ruby
Reverse DNS in Ruby?
Text Editor For Linux (Besides Vi)?
What is good forum software to add to an existing Rails application?
Calling Bash Commands From Ruby
How can I modify .xfdl files? (Update #1)
How do I use (n)curses in Ruby?
Open Source Ruby Projects
How do I fix 'Unprocessed view path found' error with ExceptionNotifier plugin in rails 2.1?
When to use lambda, when to use Proc.new?
Frequent SystemExit in Ruby when making HTTP calls
Implementation of "Remember me" in a Rails application.
.NET Migrations Engine
How do I add existing comments to RDoc in Ruby?