Rails and web security reading list ?  #24

New Rails 5.1 came out recently

It includes encrypted secrets and supports JS package mangers for easier updates. That’s important too because of JS vulnerabilities.

New version for authorization framework CanCanCan

Check and update your SSH keys with this easy command

Which security implications of the Serverless approach are better or worse?

And another post about serverless security issues

---

Replacing Disqus with Github Comments for less load time and far less tracking

Don’t repeat these 2FA design mistakes

Another Rails security checklist with a few bits

CloudFlare introduced TLS client-side authorization

---

Check your nginx config for security issues

Security Updates

PostgreSQL security update