Zabba
Reputation: 65497
How to avoid Credit Card information being "saved" anywhere in a Rails app?
I've read some good information (on SO) about how you must avoid storing credit card information on your website.
My Rails app would be the one getting the CC information from a on my website, correct? (as opposed to a payment processor site, if that's possible?) If so, then how do I know what all logs to "silence" so that they don't store the info?
What places (like Apache logs, my app's logs etc.) do I need to look at to remove such sensitive information ?
Upvotes: 2
Views: 273
Answers (1)
Sebastian Brózda
Reputation: 879
for rails apps is just
filter_parameter_logging :name_of_input
simple usage:
class ApplicationController < ActionController::Base
filter_parameter_logging :cc
end
html:
<input type="text" name="cc">
check: http://apidock.com/rails/ActionController/Base/filter_parameter_logging/class
Upvotes: 3
Related Questions
- Make stripe payment without card saving
- Best way to store bank account information of users?
- How can I use PayPal's credit card vault in RoR without having the CC information hit my server?
- Secure way to store user account credit in Rails
- How to securely store credit card info as part of a devise user in rails?
- Storing bank account details in application.rb
- Processing credit card payments in Rails
- Rails + Sessions: Safe to store partial credit card info in session?
- Saving bank info into your model from a payment API
- Secure sensitive data (credit card) on RoR