DEV Community

Scott Watermasysk
Scott Watermasysk

Posted on • Originally published at scottw.com on

1

SSL::VERIFY_NONE - NEVER!

#ruby #ssl #security

I saw this little doozy as recommend code for (Ruby) API access:

http.verify_mode = OpenSSL::SSL::VERIFY_NONE

This effectively disables SSL checks and is not something anyone should be recommending….ever.

Top comments (0)

profile
Sentry
 Promoted

Sentry image

See why 4M developers consider Sentry, “not bad.”

Fixing code doesn’t have to be the worst part of your day. Learn how Sentry can help.

Learn more

Read next

kkuj profile image

Using Cloudflare SSL with Elastic Beanstalk instances

Kamil Kujawiński -

jajera profile image

Configure SSH Login from Windows to Windows

John Ajera -

jajera profile image

Configuring AWS Vault with the Pass Backend for Secure Credential Management on Linux

John Ajera -

adrian_zuplo profile image

User-level auth in your Supabase API - Supaweek Day 2

Adrian Machado -

👋 Kindness is contagious

Please leave a ❤️ or a friendly comment on this post if you found it helpful!

Okay