Blocking abusive requests to your Ruby application with Rack::Attack

One of the things I love about my job at Icelab is that I get to help build complex web applications that are used by thousands of people.

It’s an unfortunate truth when it comes to the internet though that high-profile sites that are used by lots of people often become the target of malicious activity, whether that be account enumeration attacks, brute-force login attempts, DDoS attacks, or worse. Aside from the obvious requirement to protect the potentially sensitive data your application deals with, it’s also important that it’s available to your users when they want to use it (and not unavailable due to being flooded with requests from a bot farm somewhere).

I recently discovered Rack::Attack, which is a handy middleware for protecting Rack-based apps from poorly-behaved clients. I’ve now implemented Rack::Attack in a couple of our apps and figured it was time to write a blog post detailing how.

read more

Deploying Rails applications with Docker and Cloud 66

I’ve spent much of my time at Icelab over the last few weeks working on migrating 14 containerized Rails apps belonging to one of our largest clients from the existing, unmanaged, Dokku based environment to Cloud 66, a managed environment for deploying apps running in Docker containers. It’s also possible to deploy Rails, Rack and Node apps directly via Cloud 66 but my only experience has been with deploying such apps within a Docker container, so that’s the focus of this post.

The process proved to not be as straightforward as I expected (perhaps partly due to the patchiness of Cloud 66’s documentation in some places) so it made sense to document my experience in the hope it’ll be useful for others tackling this exercise in future. While Cloud 66 recently announced v2 of the container-based platform, we opted to stick with v1 for this client but with any luck the niggling annoyances I encountered have been ironed out in v2.

read more

Ten digital nomads, one house: recapping The Marrakech Project

Ten digital nomads, one house: recapping The Marrakech Project

I was sitting in a coffee shop in Kuala Lumpur in February last year when I met Loukman Nacik, an entrepreneur from Morocco. We instantly hit it off, so much so that I invited him along to drinks with friends the next night at my favourite bar in KL, PS150. Late in the evening after a few glasses of Japanese whisky, the conversation turned to the co-living trend that was starting to take off in the digital nomad community, and what it would take to replicate the offering of Nomad House (and others) to accommodate us and a few other other close friends. At that moment, The Marrakech Project was born.

Back in April I spent the month living in an amazing riad with a bunch of close friends in the centre of the Medina in Marrakech and it was an overwhelmingly positive experience.

read more

RubyConf Philippines 2017

RubyConf Philippines 2017

I’m just back from RubyConf Philippines 2017 where I spoke with Bobbilee Hartman on the subject of fostering a welcoming, supportive, and productive environment for junior developers. From the the feedback we heard throughout the rest of the conference our presentation sparked plenty of conversations regarding the need to attract, grow, and retain junior developers which is great as that’s exactly what we were hoping to achieve.

read more

A (late) look back at Rails Camp US West 2016

A (late) look back at Rails Camp US West 2016

Going to Rails Camp changed my life (bear with me here); attending my first camp back in June 2015 and meeting 150-odd other like-minded people gave me the confidence to start putting myself out there and applying for my first developer role after having spent the past eight months learning to code on my own. I started at Icelab around three months later, and three months after that I sold almost all of my stuff and left Australia for the foreseeable future to start working remotely while travelling long-term.

With tickets now on sale for the 2017 edition of Rails Camp US West I figured it was time to finally punch out this post and share my thoughts on Rails Camp US West 2016.

read more