Home arrow Ruby-on-Rails arrow Page 4 - Secure Application Deployment with Ruby on Rails

Secure Application Deployment with Ruby on Rails

In this third part of a five-part series on deploying an ecommerce application with Ruby on Rails, you will learn how to configure access to the application so that it is properly secured, and more. This article is excerpted from chapter 12 of the book Practical Rails Projects, written by Eldon Alameda (Apress; ISBN: 1590597818).

Author Info:
By: Apress Publishing
Rating: 5 stars5 stars5 stars5 stars5 stars / 5
August 09, 2010
  1. · Secure Application Deployment with Ruby on Rails
  2. · SSL Configuration
  3. · FastCGI Module Configuration
  4. · Creating the Production Database

print this article

Secure Application Deployment with Ruby on Rails - Creating the Production Database
(Page 4 of 4 )

Before deploying and starting the application, you need to create the production database. Without it, your application wouldn’t work and Rails wouldn’t even start in production mode. Log in to the remote server and execute the following commands:

$ mysql -uroot
create database emporium_production;
grant select,insert,update,delete,create,drop on➥
emporium_production.* to 'emporium'@'localhost' identified by 'hacked';
flush privileges;

This creates theemporium_productiondatabase and the MySQL user that is used when connecting to the database. Notice that we are not granting all rights to the user, as was the case with the development and test databases that we created in earlier chapters. Instead, we are granting only the minimum privileges required by the application:select,insert,update,delete,create, anddrop. It’s not a good idea to givegrantandshow database privileges, for example, since they could be used by a hacker to gain access to other databases.

Next, update the database configuration file (config/database.yml) as shown here:

  adapter: mysql
  database: emporium_development
  username: emporium
  password: hacked
  encoding: utf8
  adapter: mysql
  database: emporium_test
  username: emporium
  password: hacked
  encoding: utf8
  adapter: mysql
  database: emporium_test
  username: emporium
  password: hacked
  encoding: utf8

Finally, run the migrations by executing the migration scripts:

rake db:migrate RAILS_ENV=production

We are now ready to deploy the application to production. We’ll first describe how to deploy it manually, so that you can appreciate the benefits of using Capistrano to automate the deployment process. It’s also good to do a manual deployment first to verify that everything is set up and configured correctly.

Please check back for the next part of the series.

DISCLAIMER: The content provided in this article is not warranted or guaranteed by Developer Shed, Inc. The content provided is intended for entertainment and/or educational purposes in order to introduce to the reader key ideas, concepts, and/or product reviews. As such it is incumbent upon the reader to employ real-world tactics for security and implementation of best practices. We are not liable for any negative consequences that may result from implementing any information covered in our articles or tutorials. If this is a hardware review, it is not recommended to open and/or modify your hardware.

blog comments powered by Disqus

- Ruby-on-Rails Faces Second Security Flaw in ...
- Ruby 2.0 Prepped for February 2013 Release
- Why LinkedIn Switched from Ruby on Rails
- Adding Style with Action Pack
- Handling HTML in Templates with Action Pack
- Filters, Controllers and Helpers in Action P...
- Action Pack and Controller Filters
- Action Pack Categories and Events
- Logging Out, Events and Templates with Actio...
- Action Pack Sessions and Architecture
- More on Action Pack Partial Templates
- Action Pack Partial Templates
- Displaying Error Messages with the Action Pa...
- Action Pack Request Parameters
- Creating an Action Pack Registration Form

Watch our Tech Videos 
Dev Articles Forums 
 RSS  Articles
 RSS  Forums
 RSS  All Feeds
Write For Us 
Weekly Newsletter
Developer Updates  
Free Website Content 
Contact Us 
Site Map 
Privacy Policy 

Developer Shed Affiliates


© 2003-2019 by Developer Shed. All rights reserved. DS Cluster - Follow our Sitemap
Popular Web Development Topics
All Web Development Tutorials