
Securing a Bitcoin Exchange


(Kai) #1

Hey,
I am building a simple, small Bitcoin exchange which transfers euros (via a Dutch payment system) to Bitcoins (via the coinbase-ruby gem) and back.

But since I'm not an expert on security, especially in combination with Rails, do you guys have some do's and don'ts?

Is it safe to run the system on a Heroku server with ENV[] variables?

Thanks in advance!
Kai


(Noah Clark) #2

Don’t.

All kidding aside, web security most often comes down to user input. Remove as much user input as possible, and where you can't, whitelist and validate it as much as possible.
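
Added example, not part of the thread and not any poster's code: a plain-Ruby sketch of the allow-list validation described above, applied to an exchange order. The field names, the 1000 euro limit and the choice to accept only legacy Base58Check addresses are assumptions made for illustration.

```ruby
require "digest"
require "bigdecimal"

B58          = "123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz"
ALLOWED_KEYS = %w[direction amount_eur btc_address].freeze  # assumed field names
DIRECTIONS   = %w[buy sell].freeze
MAX_EUR      = BigDecimal("1000")                           # assumed per-order limit

# True only for a legacy mainnet address (P2PKH/P2SH) whose Base58Check
# checksum matches; typos and truncated pastes fail here.
def base58check_valid?(addr)
  return false unless addr.is_a?(String) && addr.match?(/\A[#{B58}]{26,35}\z/)
  num = addr.each_char.reduce(0) { |n, c| n * 58 + B58.index(c) }
  hex = num.zero? ? "" : num.to_s(16)
  hex = "0#{hex}" if hex.size.odd?
  raw = ("\x00".b * addr[/\A1*/].size) + [hex].pack("H*")  # leading "1" = zero byte
  return false unless raw.bytesize == 25 && [0x00, 0x05].include?(raw.getbyte(0))
  Digest::SHA256.digest(Digest::SHA256.digest(raw[0, 21]))[0, 4] == raw[21, 4]
end

# Returns a list of problems; an empty list means the order may proceed.
def validate_order(params)
  order  = params.transform_keys(&:to_s)
  errors = []
  extra  = order.keys - ALLOWED_KEYS
  errors << "unexpected fields: #{extra.join(', ')}" unless extra.empty?
  errors << "direction" unless DIRECTIONS.include?(order["direction"])
  amount = order["amount_eur"]
  # Strict decimal string: no exponents, signs, whitespace or extra precision.
  if amount.is_a?(String) && amount.match?(/\A\d{1,6}(\.\d{1,2})?\z/)
    eur = BigDecimal(amount)
    errors << "amount_eur out of range" unless eur.positive? && eur <= MAX_EUR
  else
    errors << "amount_eur format"
  end
  errors << "btc_address" unless base58check_valid?(order["btc_address"])
  errors
end

# Publicly known genesis-block address, used here only as a valid test input.
GENESIS = "1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa"
p validate_order({ "direction" => "buy", "amount_eur" => "25.50", "btc_address" => GENESIS })
p validate_order({ "direction" => "buy", "amount_eur" => "1e3",
                   "btc_address" => GENESIS, "admin" => "1" })
```

Rejecting unknown fields outright, rather than silently dropping them, makes tampered requests visible in logs.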


(Raul Murciano) #3

I agree with the previous advice. Also, at the bare minimum, read the Official Rails Guide on Security.

Your ENV vars should be safe at Heroku.


(Geoff Harcourt) #4

Dogecoin. Very wow. Much profit. So security.


(Kai) #5

Thanks guys,
This gives me much more confidence; I am really careful with the user input. This security guide is a perfect start. :)