To give back to the developer community, at Rollbar we looked at our database of thousands of projects and found the top 10 errors in Ruby on Rails...
For further actions, you may consider blocking this person and/or reporting abuse
Thank you for including the "...and how to avoid them" part. Awesome!
That's the most important part! Glad you enjoyed it!
Right away I saw number #1 and I was I thought of my rollbar being filled the brim which these reports.
So at the application level is one way to filter them ou as shown here for unmatched routes.
The cloud computing way would be to filter them out with your Web Application Firewall (WAF), so I do this using AWS WAF.
The way I can keep my application as vanilla as possible and if I wanted to I can now automate a response from based on the behaviour of these missing routes since sometimes they are malicious.
I have to do this because people attempt to scrape my paid content and so I have the ability to detect and honey pot these users. Could you do this within your Rails app? yeah but I don't want that traffic even making it to my instances.
Phil: I would love to know when Twillio will support Twillo SIM cards in Canada. I was lucky enough o be lent a Twilio IoT kit from a Twillio Champion and I was going to put together a free IoT workshop but sadly the SIM cards are not yet supported over border.
Hey Andrew,
That's a good point about filtering out the routing errors before they even hit the application. I've not used a WAF before, have you written up anything on how to do this with a Rails application (or can you point me somewhere for that)? I definitely appreciate keeping the useless or malicious traffic away from the app itself.
As for Twilio SIM support, the narrowband SIM you have works on T-Mobile's NB-IoT network in the US. That's the only narrowband partnership we have right now and I don't know anything more than that.
We do have regular Twilio Wireless SIMs that are great for building IoT devices too. They work all around the world. We also have the Twilio Super SIM coming soon that will switch networks (rather than roaming) and will also work globally. Would you be interested in working with these at all?
Hey Phil,
I do have AWS WAF video tutorials but I have not had time to publish them.
For AWS WAF they have a WAF marketplace where you can purchase WAF rules that will filter them out for you. So AWS WAF I believe can cost around $7 per / month. The purchased rules from a vendor vary but can be additional $20 on top per month.
To be cost-effective you can just write your own rules in AWS WAF and this is what I do. You can add rules based on regex patterns and so I just look in my rollbar for bizarre routes with bizarre User Agents and I add them to my AWS WAF ruleset. I also prefer this approach because I get to familiarize myself with the kind of traffic.
AWS has a free CloudFormation in the AWS Docs that sets up a honey pot for you. I've modified this template for myself to deal with and be alerted of scrapers.
Thank you for sharing more information on the variety of SIMs.
Wireless and Super SIM I didn't investigate so maybe there is something feasible here.
I appreciate you dug that up for me.
I hope to never run into these errors, but just in case, I'm bookmarking this link and sharing it with my cohort. :)
Thanks for the detailed write-up.
If you never get a 404 in production I'd be amazed! 😄 Just make sure you have this list on hand so that you don't panic.
Hope it helps you and your whole cohort!
However I am a rails developer for more than 11 years , but you gave me tons of new informations
That's awesome, thanks for sharing, I'm glad I could help!
My top 1 is ActiveRecord::RecordNotFound
Ah, another 404 sort of error. Is there something you're doing to cause that do you think? Links that are pointed to old, deleted resources, or something like that?