After the massive phish targeting Google accounts this week, I’ve had some people ask me how to make sure their Google account is secure. Luckily, Google has built in some great features that help you assess your account security and keep it safe.
If you suspect someone has hacked your account, just changing your password is not enough. There are ways a hacker can maintain access to your account even after you change your password. Follow the below steps to review the state of your account.
Continue reading Review your Google account for suspicious activity →
The asset pipeline is great and confusing at the same time. It performs differently in development than it does in production, and as such you can’t be really sure everything is going to work once you deploy it, unless you really understand it, of course.
Continue reading Rails Asset Pipeline When Application is Deployed in a Subdirectory →
OK, before you go yell at me, I know enabling detailed error messages on a production web application is a Bad Thing™. The security guy in me hates finding a production application that spews back all kinds of details to a user when something goes wrong, and I’ve had many a developer disable detailed error messages on their production applications.
Continue reading Rails Quick Tip: Show Detailed Errors in Production →
Cookies are used to store a variety of shared state information between your browser and a web server. The most common use for cookies is to maintain your session state, since HTTP in itself is a stateless protocol.
Continue reading Session Cookie HTTPOnly Flag – Java, .NET Rails 3 and Coldfusion →