top | item 6546481

(no title)

PLejeck | 12 years ago

I'm suggesting that site operators need to use HTTPS. It doesn't matter if you use Rails, PHP, Node.js, whatever. USE HTTPS. NEVER USE HTTP.

It's as simple as that. Never assume that anything transmitted over HTTP is safe, because that assumption will come back to bite you.

discuss

Exactly - use force_ssl true in the case of Rails.

rmrfrmrf|12 years ago

do you ever get a headache from sitting in this echo chamber all day?