Engine Yard has been dedicated to being part of the Ruby community from the beginning. Being community members means being a part of great events, and Ruby Conf 2017 is no exception.
We’re kicking off a programming contest today that is sure to challenge even the most comp-sci heavy engineers out there, and we’re excited to see what you all come up with. With the difficulty of the challenge in mind, we’ve got some great prizes for the winner: an iPhone 3GS AND $2,000 of Cloud (Flex or Solo) credit. Now to jump right in and answer all your questions…
If you are using Ruby on Rails 2.3.1 or 2.3.2, using http digest authentication and setting the username / password via hash, then you will be affected by this vulnerability. This vulnerability allows users to bypass http authentication without a valid password.
There are lots of resources on the web that explain how to scale web applications and how to scale Rails. Here’s a quick summary of just five of the basic strategies for a scalable Ruby on Rails web application. Some of them are specific to Ruby on Rails; others generalize to any shared-nothing application server architecture.