Run better_errors in production
Closed this issue · 2 comments
First of all, thanks for this great gem 🥇
I'm running my rails app in a closed/private server (not accessible by anyone) and that's why there is no security issues at this point.
I'm struggling with a bug that only appears in Production env and I was wondering how can I set up better_errors in production as well.
I tried not to group better_errors in development, added this in my config/application.rb
module BetterErrors
class Railtie < Rails::Railtie
def use_better_errors?
return true if ENV['BETTER_ERRORS']
!Rails.env.production? and app.config.consider_all_requests_local
end
end
end
and BetterErrors::Middleware.allow_ip! '11.11.11.11'in initialers/better_errors.rb & in environments/production.rb I did:
config.consider_all_requests_local = true
config.action_controller.perform_caching = true
Elso tested with:
config.consider_all_requests_local = !!ENV['BETTER_ERRORS']
config.action_controller.perform_caching = !!!ENV['BETTER_ERRORS']
But I still see rails error page. I would appreciate any help and thanks in advance!
better_errors (2.5.0)
rails 5.2.2
ruby 2.3.1
To everyone who might come across this: Please don't use Better Errors in production. Beyond being insecure (meaning we haven't done any testing to see what information it might leak or how easily the IP address filtering is spoofed) it also requires a load of debugging tools to be in Ruby at all times, and these alone can cause security and performance problems.
To troubleshoot an issue you're seeing in production, I recommend a tool like Sentry. You can add contextual data to the Sentry client so that if an exception occurs, you have more information to reproduce with. Getting good at using user context, tags, and extra context is a skill that will save you a lot of time when tracking down errors in production.
But if you're trying to run your Rails app on a development machine with "production" environment specified, note that by default, Better Errors is only included in the development group of the Gemfile. This will keep it from being included in the middleware stack at all when running outside Rails "development" environment. Have you moved it outside of this group?
@RobinDaugherty Thanks a lot for your detailed answer and I appreciate you taking your time to answer 💯.
No, I haven't added better_errors inside a group :development do and that's why I assumed if its not inside a group, it would be accessible cross all envs