Rails Encrypted Credentials Use AES 128-bit Key

Rails 5.2 introduces Credentials which replaces Secrets and Encrypted Secrets from previous Rails versions. I have previously written about Credentials for those of you wanting to know more.

Read More

Memcached Security aka Don't Attack GitHub 

GitHub recently experienced the largest attack we've seen to date. At the peak, they received 1.35 Tbps via 126.9 million packets per second. We don't know who launched the attack but we know how they did it. The attackers used an amplification attack using memcached servers that were exposed to the internet.

Read More

Ruby SSL Error: certificate verify failed

When working on your Rails app or when installing gems, you might get this Ruby SSL error :

Read More

Rails Encrypted Credentials on Rails 5.2

Rails 5.1 introduced encrypted secrets, which gives you two places to put your secrets -- secrets. yml and secrets.yml.enc. This causes a bit of confusion on when you should use normal secrets or encrypted secrets.

Read More

Encrypted Configuration on Rails 5.2

Credentials is a new feature on Rails 5.2 which replaces secrets and encrypted secrets. Under the hood Credentials use EncryptedConfiguration which you can reuse if you need to use encryption on other parts of your application.

Read More

PostgreSQL Replication Tutorial For Disaster Recovery

This blog post is a step by step tutorial on how to set up PostgreSQL Replication between AWS regions. This is an essential part of our disaster recovery plan at Engine Yard. A previous blog post gives a higher level overview on disaster recovery.

Read More

Password Security Part 3: The Anatomy of a Hash

Password Security Part 3: The Anatomy of a Hash

Note: this is three of a three part Password Security series.
Read More

Password Security Part 2: Using Bcrypt

Password Security Part 2: Using Bcrypt

Note: this is part two of a three part Password Security series.
Read More

Password Security Part 1: By The Numbers

Password Security Part 1: By The Numbers

Note: this is part one of a three part Password Security series.
Read More

Subscribe Here!