Rails: Default to "sandbox" mode when accessing production-like environments (#747)

stevepolitodesign · web-flow · commit a46e47af476a · 2025-06-27T16:23:56.000-04:00
In an effort to avoid mutating production data, we recommend using "sandbox" mode when using `rails console`. If you need to [manipulate data][data migrate], consider running a custom Rake task, or use [maintenance_tasks][]. [data migrate]: https://guides.rubyonrails.org/active_record_migrations.html#data-migrations [maintenance_tasks]: https://github.com/Shopify/maintenance_tasks
diff --git a/rails/README.md b/rails/README.md
@@ -81,6 +81,12 @@ Guidance on ActiveRecord, ActiveModel, and other model objects.
 - Use `db/seeds.rb` for data that is required in all environments.
 - Use `development:db:seed` rake task for development environment seed data. [Example](/rails/how-to/seed-data.md).
 
+## Security
+
+- Set [config.sandbox_by_default][sandbox] to `true` in production-like environments to avoid accidental writing to the production database.
+
+[sandbox]: https://guides.rubyonrails.org/configuring.html#config-sandbox-by-default
+
 ## Migrations
 
 [Sample](migration.rb)
