You already know quite a bit about Rails security? Then you may want to skip the content for beginners and go through the topics below instead. Each resource is usually not just a link to a gem or website; it collects all the information, links and answers about a topic. So don’t skip a topic on this page just because you already know what it is. For example, you might know Rack::Attack, but how to whitelist search engine spiders with it might be new to you (just guessing).
CSP is a great way to reduce or completely remove the number 1 web app security vulnerability – Cross-Site Scripting (XSS).
This includes a 5-page guide on how to form the habits and a plan for each day for you to follow.
Some are sent by default in Rails now
Track and throttle requests
Note that I’ll add more to this page; subscribe to the mailing list to hear about it first.