Challenge 1: Production Environment Config — Solution # config/environments/production.rb config.eager_load = true config.force_ssl = true config.log_level = :info # Why these would be wrong in development.rb: # - eager_load = true loads every class in the app at boot time. In # development this would mean restarting the whole server (and waiting # through a full reload) after every single code change, instead of # Rails lazily reloading just the changed file on the next request -- # the exact convenience development mode exists to provide. # - force_ssl = true redirects all HTTP requests to HTTPS and requires a # valid certificate. A local development server almost never has a real # TLS certificate configured, so enabling this in development.rb would # simply break every local request with a redirect loop or a connection # error. =begin Notes: - log_level = :info is a genuinely reasonable choice for both environments, but production.rb sets it explicitly to be sure verbose :debug-level logging (useful while developing) doesn't flood production logs with noise that makes real issues harder to find. - force_ssl = true is the direct Rails equivalent of everything the completed HTTPS/TLS course covered manually at the nginx/server level -- one config line here does the redirect-to-HTTPS and HSTS header work that course walked through by hand. =end