Production Mode


Updated: 03/13/17

Once the rails application is up and running in development mode, we can switch over to production mode to increase performance and enhance security by not displaying errors in the browser.

Rails production mode will run in a completely different database than development mode. This will require us to migrate and seed the database for production mode. Additionally we will need to precompile our assets for optimization of javascript, css, and images.

Using our rails helper rake we can precompile all of our assets which is required to enable production mode. We can also prefix the command with the environmental variable RAILS_ENV and set it to production. This is required to render all assets in production mode.

$ rvmsudo RAILS_ENV=production bundle exec rake assets:precompile

Now we must migrate and seed the data for our production database. If you have not created a separate production account within mysql you need to do that now.

$ mysql -u root -p
mysql> create database pf_prod;
mysql> grant all privileges on pf_prod.* to 'pf_prod'@'localhost' identified by 'password';

Rake will assist with creating the database schema and seeding the database.

$ rvmsudo RAILS_ENV=production bundle exec rake db:migrate
$ rvmsudo RAILS_ENV=production bundle exec rake db:seed

Now we must tell Apache to use production mode for our rails application by modifying /etc/apache2/sites-enabled/pf.conf and changing the line of:

RailsEnv development

to

RailsEnv production

Now we need to generate ourselves a secret key which will be used to generate session cookies and other sensitive aspects of the Rails application. We can do this with the rake helper below:

$ bundle exec rake secret

This will show your newly generated secret which you will need to highlight and then place inside the secrets.yml file. The example below is what your config file may look like once you add the proper production environment. DO NOT COPY the strings below for production use as this is insecure, also ensure you use spaces and not hard tabs.

development:
  secret_key_base: 710f19a88254b165ddb3d5ba72b37f695d83d9838ee1c66325f5bf58990d9b536fa67dc5c5aaa06df470bffd8093bc40a83960245dab802887ba9116e95dd854

test:
  secret_key_base: da418a2600aef1ac49ab47af8cf5250531430ffb368aa587230978c8a5c72627da2881981803946d968a4b8ffdd06d15d916f458939bf1c0fee89d959397e241

production:
  secret_key_base: cf132cd93788906ce719adc1b3990a372e604fe50fed22a2ff899a8972b0ff07737d6a241d67ee50c5f6995876f7431b5be3e22aa5255fdb0799b473c88427da

Restart or Start the Apache web service.

$ sudo apachectl restart

Your application should now be running in production. Note that if any errors occur they will no longer be shown in the browser. In order to view the details of any errors they will be logged to approot/log/production.log

You may also need to reload the default templates again using the rake task. This time we need to tell rails to use the production environment so it applies the proper database.

$ rvmsudo RAILS_ENV=production bundle exec rake templates:load

You will also need to run your sidekiq process in production mode as well. If your sidekiq process is already running, stop it and restart with the following command:

$ rvmsudo RAILS_ENV=production bundle exec sidekiq -C config/sidekiq.yml

Change ownership of phishing-frenzy directory so that the Apache account (www-data) is able to run the application properly.

$ sudo chown -R www-data:www-data /var/www/phishing-frenzy/

Note: This migration from development to production will reset the default admin password or any other work you have performed in development mode.

Enjoy Phishing Frenzy and please submit all bugs to Github.