DEV Community

Cover image for Top 10 errors from 1000+ Ruby on Rails projects (and how to avoid them)

Top 10 errors from 1000+ Ruby on Rails projects (and how to avoid them)

Phil Nash on April 26, 2018

To give back to the developer community, at Rollbar we looked at our database of thousands of projects and found the top 10 errors in Ruby on Rails...
Collapse
 
thorstenhirsch profile image
Thorsten Hirsch

Thank you for including the "...and how to avoid them" part. Awesome!

Collapse
 
philnash profile image
Phil Nash

That's the most important part! Glad you enjoyed it!

Collapse
 
andrewbrown profile image
Andrew Brown 🇨🇦

Right away I saw number #1 and I was I thought of my rollbar being filled the brim which these reports.

So at the application level is one way to filter them ou as shown here for unmatched routes.

The cloud computing way would be to filter them out with your Web Application Firewall (WAF), so I do this using AWS WAF.

The way I can keep my application as vanilla as possible and if I wanted to I can now automate a response from based on the behaviour of these missing routes since sometimes they are malicious.

I have to do this because people attempt to scrape my paid content and so I have the ability to detect and honey pot these users. Could you do this within your Rails app? yeah but I don't want that traffic even making it to my instances.

Phil: I would love to know when Twillio will support Twillo SIM cards in Canada. I was lucky enough o be lent a Twilio IoT kit from a Twillio Champion and I was going to put together a free IoT workshop but sadly the SIM cards are not yet supported over border.

Collapse
 
philnash profile image
Phil Nash

Hey Andrew,

That's a good point about filtering out the routing errors before they even hit the application. I've not used a WAF before, have you written up anything on how to do this with a Rails application (or can you point me somewhere for that)? I definitely appreciate keeping the useless or malicious traffic away from the app itself.

As for Twilio SIM support, the narrowband SIM you have works on T-Mobile's NB-IoT network in the US. That's the only narrowband partnership we have right now and I don't know anything more than that.

We do have regular Twilio Wireless SIMs that are great for building IoT devices too. They work all around the world. We also have the Twilio Super SIM coming soon that will switch networks (rather than roaming) and will also work globally. Would you be interested in working with these at all?

Collapse
 
andrewbrown profile image
Andrew Brown 🇨🇦

Hey Phil,

I do have AWS WAF video tutorials but I have not had time to publish them.

For AWS WAF they have a WAF marketplace where you can purchase WAF rules that will filter them out for you. So AWS WAF I believe can cost around $7 per / month. The purchased rules from a vendor vary but can be additional $20 on top per month.

To be cost-effective you can just write your own rules in AWS WAF and this is what I do. You can add rules based on regex patterns and so I just look in my rollbar for bizarre routes with bizarre User Agents and I add them to my AWS WAF ruleset. I also prefer this approach because I get to familiarize myself with the kind of traffic.

AWS has a free CloudFormation in the AWS Docs that sets up a honey pot for you. I've modified this template for myself to deal with and be alerted of scrapers.

Thank you for sharing more information on the variety of SIMs.
Wireless and Super SIM I didn't investigate so maybe there is something feasible here.
I appreciate you dug that up for me.

Collapse
 
scrabill profile image
Shannon Crabill

I hope to never run into these errors, but just in case, I'm bookmarking this link and sharing it with my cohort. :)

Thanks for the detailed write-up.

Collapse
 
philnash profile image
Phil Nash

If you never get a 404 in production I'd be amazed! 😄 Just make sure you have this list on hand so that you don't panic.

Hope it helps you and your whole cohort!

Collapse
 
remon profile image
Raymond (Remon)

However I am a rails developer for more than 11 years , but you gave me tons of new informations

Collapse
 
philnash profile image
Phil Nash

That's awesome, thanks for sharing, I'm glad I could help!

Collapse
 
codebeautify profile image
Code Beautify

My top 1 is ActiveRecord::RecordNotFound

Collapse
 
philnash profile image
Phil Nash

Ah, another 404 sort of error. Is there something you're doing to cause that do you think? Links that are pointed to old, deleted resources, or something like that?