security

Webhooks are a security boundary. Verify signatures with constant-time compare, include a timestamp window to prevent replay, and store processed event IDs to make handlers idempotent.

AWS IAM (Identity and Access Management) controls access to cloud resources. Policies are JSON documents with Effect, Action, and Resource fields. The principle of least privilege grants only required permissions. Allow permits actions, Deny always ov

Front-end security protects users from malicious attacks. I prevent Cross-Site Scripting (XSS) by sanitizing user input and using textContent instead of innerHTML. Content Security Policy (CSP) headers restrict resource loading to trusted sources. Cro

Integrate HashiCorp Vault with Kubernetes for dynamic secrets management. Use the Vault Agent sidecar injector to automatically inject secrets into pods, configure KV secret engines, and set up Kubernetes authentication. Eliminate hardcoded secrets fr

CORS is one of those features that becomes security-sensitive by accident. Instead of Access-Control-Allow-Origin: *, I keep a strict allowlist and echo back the exact origin only when it’s approved. I also handle OPTIONS preflight requests explicitly

Storing secrets in environment variables works but gets messy at scale with dozens of keys. Rails encrypted credentials provide a structured alternative where secrets live in version-controlled credentials.yml.enc files, encrypted with a master key st

Never store passwords as raw strings, and don’t invent your own hashing scheme. I use bcrypt with a cost that’s calibrated for the environment (fast enough for login throughput, slow enough to resist offline cracking). The trick is to treat the cost a

Active Storage makes uploads easy; production makes them dangerous. Validate content type and size at the model layer, and keep the error messages user-friendly. This prevents large or unexpected uploads from blowing up costs and processing queues.

A simple fixed-window rate limiter is often enough for endpoints like login, password reset, webhooks, or expensive searches. Use atomic Redis INCR + EXPIRE with a stable key and return remaining quota for UX.

Strong parameters prevent mass assignment vulnerabilities by explicitly whitelisting which attributes can be set via user input. Without this protection, attackers could modify sensitive fields like admin or account_balance by including them in reques

Reset flows are a common place to accidentally store secrets in the database. I generate a random token, email it to the user, and store only a hash in the DB alongside an expiry timestamp. When the user redeems the token, I hash what they provide and

XSS is still the most common ‘we didn’t think about it’ vulnerability in web apps. A Content-Security-Policy doesn’t replace sanitization, but it dramatically reduces blast radius when something slips through. I start from a strict baseline (no inline