How to determine if the site is made in RoR

Hello frnds

Is there a way out by which we can determine that a site is made in RoR?
like looking @ the source code or some other method....that we adopt for
other techs like php...

Thanks a lot

dhaval parikh

No other framework provides 404.html at the root so if you find
http://example.com/4004.html and http://example.com/500.html be assured
that it's ROR. Also the URL at the top can indicate too.

If you look at the form and see person[name] then it's ROR.

You can also use http://builtwith.com/ :slight_smile:

Do a curl call to the the URL. In the response you can see come of the
Information like server, Content type etc etc.
If the server is mongrel , its definitely RoR.

Raj Singh wrote:

No other framework provides 404.html at the root so if you find
http://example.com/4004.htmlandhttp://example.com/500.htmlbe assured
that it's ROR. Also the URL at the top can indicate too.

If you look at the form and see person[name] then it's ROR.

thanks a lot but i think there should be some concrete way out...to
find
the same..as url can be made to look like ror even in php
applications(url aliasing)

Do a curl call to the the URL. In the response you can see come of the
Information like server, Content type etc etc.
If the server is mongrel , its definitely RoR.

or merb, or nitro or camping etc... Mongrel most commonly hides behind
some sort of load balancer anyway
I doubt there is a foolproof way of doing this (especially if the
person running the server wants to make it look like rails isn't being
used)
Fred

Frederick Cheung wrote:

append

/images/rails.png

to the url is a "not certain" yet optional way to check
:wink:

s

Nobody’s asked this yes, so I will: why does it matter what something’s written in? Is there something you want to hack? Do you want to hide Rails from the bosses? I’m just interested, that’s all.

Brian Hogan wrote:

Nobody's asked this yes, so I will: why does it matter what something's
written in? Is there something you want to hack? Do you want to hide
Rails
from the bosses? I'm just interested, that's all.

Well basically being in the field of technology i would certainly like
to know that a particular thing is made using wat technology....as thru
that we can come to know that what is new thing in market....what r
people and companies doing and y in terms of technology....

so I feel that knowing about the fact that the site is made using wat
tech is an important aspect for all tech ppl...we can even come to know
that wat features can be made using with language..and find out the adv
of using one instead of other..also its a matter of pride that being
working in one particular lang and when big ppl/companies make their
sites using that lang u can visualize the future of it..

Its something to boast about and gives u a confidence of working in the
same..

Again wat i have written is wat i feel...

thanks

There are sites out there that make an educated guess on the underlying framework (i don’t recall the url and can’t seem to find it in a hurry), but it’s always an educated guess.

Examples:

http://mydomain.com/contacts;addresses/ will probably be a Rails 1.2 RESTful routes app

http://mydomain.com/javascripts/application.js?15454365 will probably be a Rails app too

There are some indicators on which language/framework has been used and the more can be found in one page, the more probably it will be to guess the technology used. But it is and stays an educated guess in the end.

Best regards

Peter De Berdt

I had this same thought, and wondered if anything like wordpress' meta
tag existed for rails <meta name="generator" content="Rails1.2.3" />.

previous discussion here -
http://groups.google.com/group/rubyonrails-talk/browse_thread/thread/b594be4b937d7e01/dbb85644cf293f1f?hl=en#dbb85644cf293f1f

In my opinion, the reason meta tags like that are terrible is that it tells someone what version of something you are using, so they can then see if they can exploit it. I’ve always found it beneficial to hide the technology you’re using.

I realize that the use of the word "hack" here is ambiguous, but.

There are often good security reasons to configure a server so as to
hide how it's implemented, particularly when using a widely used
framework.

Imagine that someone is trying to exploit a security exposure which
has become public. One valuable tool in the evil-doer's kit is to
scan sites to find likely victims.

So while there are clues like the server header in http responses,
there are also countermeasures such as configuring a stack component
(e.g. Apache) to either withhold or obfuscate them. And security
conscious sites are likely to use these countermeasures.

Wrong. Array-based form elements existed long before Rails did.