Why You Should Always Authenticate
December 30, 2005
Some more astute readers of my site may have noticed it go down last night, and then this morning that all but one of my categories had disappeared. I'm making an admission now, I'm a bad person. When I program personally, I sometimes let security walk out the window - this is an instance where I made such a mistake, and won't let it happen again.
See, I locked up all of the blog creation, deletion, and updating portions of the site - as that's really important to me; but I left scaffolding in place for the categories. Completely unpassword protected. Now, I didn't really care about reading about hacking into the scaffolding to add password protection because it doesn't really matter to me if my categories disappear, or suddenly turn pornographic.
Well, I made a small update to the code this weekend - and left in a bad link when you clicked on the category. The link led you to the category scaffolding, instead of to the category itself. Not a terrible mistake, but a mistake nonetheless. Well, Google cache came along last night and began gobbling up all of the destroy links. So, obviously all of my categories were gone. :(
I've recreated most of them, and might actually create a new one, video games, since I received both a Nintendo Gamecube and a DS for Christmas. I can now participate in the plethora of sexy console entertainment that I've so long admonished.
Anyway. Moral of the story, always use authentication. I'll post up my very simple Ruby on Rails authentication code later on this evening, keep an eye out if you're interested in that.
Permalink |
Add to delicious |
0 Comments
| Tagged: Web
