if the user goes and directly writes in the address
bar myappurl/action/adcontent/TheContent that is
valid and the rails app processes it.
How i can avoid this? i mean, remome access to
certain actions of the rails app completely.
Put a line
in your controller.
Then put any controller methods that you don't want to be available via user entered URL's beneath that line. Anything below the 'protected' line can only be invoked from other methods in your app.