Ruby on Rails Saturday, September 29, 2012

2012/9/29 Mandeep Kaur <>:

> I don't think Its the right choice to pay someone for doing that. I
> will try it and hopefully run that too.
> Anyways thanks for your help.

Believe me it is, I had to learn that the hard way a couple of years ago!

Setting up a webserver that it works is one thing, setting it up that
it works AND is secure another thing!

I did some misconfigurations that time and opened a big security hole
in my webserver. No one discovered it in the first place, but about
half a year later, someone used that hole to hack my server and abuse
its processing power for spam mail sending and crawling the web for
more email-addresses. Another problem were the leaked database and its

Since my hoster realized the high CPU use after a couple of minutes he
shut down that host. I was lucky about that. Since all what happened
was my fault of misconfiguring the server I had to pay fees! But since
the host was shut down very early I wasn't punished for spammail but I
had to pay a fee for the leaked userdata. It summarized to about 2500
€ (about 3000 USD).

Paying someone who knows how to configure such a webserver would have
cost only a fraction, and if I had have a bigger userbase it would
have been much more money!

Don't repeat mistakes that others did. Make your own, but make them different!

You received this message because you are subscribed to the Google Groups "Ruby on Rails: Talk" group.
To post to this group, send email to
To unsubscribe from this group, send email to
For more options, visit

No comments:

Post a Comment