One of the things some people don’t know to do when they grab an open source Ruby on Rails app from Github (or elsewhere) is to change the secret token so it isn’t the one in the public repository.

A quick way to generate a new 128 character token is to open the Rails console by typing

rails console

from within your app directory, then in the prompt type

SecureRandom.hex(64)

The output of this is perfect for a new token. Simply copy and paste into your config/initializers/secret_token.rb file