Password protecting a rails staging environment

Question

I\'m trying to work out what the best way to secure my staging environment would be. Currently I\'m running both staging and production on the same server.

The two

Answer 1

bumping this to help others, like myself as I read this before settling on an similar, but cleaner solution.

# config/environments/staging.rb

MyApp::Application.configure do
  config.middleware.insert_after(::Rack::Lock, "::Rack::Auth::Basic", "Staging") do |u, p|
    [u, p] == ['username', 'password']
  end

 #... other config
end

I wrote a short blog post about it.

Answer 2

I would go with the http basic authentication, I see no inherent problems with it.

Answer 3

If you are deploying with multi-staging environments and so you have production environment and staging environment, you only need to add these lines to config/environments/staging.rb

MyApp::Application.configure do
  # RESTRICTING ACCESS TO THE STAGE ENVIRONMENT
  config.middleware.insert_before(::Rack::Runtime, "::Rack::Auth::Basic", "Staging") do |u, p|
    u == 'tester' && p == 'secret'
  end

  ...

end

By doing so, you don't need to configure Apache.

I am using Ruby 2 with Rails 4 and it works like a charm!