---
title: Use TLS for All Connections
impact: CRITICAL
impactDescription: protects data in transit from eavesdropping and interception
tags: security, tls, ssl, transport
---

## Use TLS for All Connections

Always use HTTPS/TLS for all external API calls and database connections. In Rails, enforce SSL application-wide.

**Incorrect (insecure protocol):**

```ruby
# HTTP is insecure
response = Net::HTTP.get(URI("http://api.example.com/data"))
```

**Correct (force SSL/TLS):**

```ruby
# config/environments/production.rb
config.force_ssl = true

# Using secure protocol
response = Net::HTTP.get(URI("https://api.example.com/data"))
```

**Tools:** Brakeman, Manual Review
---