Rails logs your server's activity, which is useful for development and debugging. However, often the server handles sensitive information that should not be logged.
A few examples are authentication credentials, personal data, and financial information.
To prevent Rails from logging such data, add this to your application configuration:
config.filter_parameters << :param_a, :param_b
When the named parameters are handled by the server, they will be logged as
[FILTERED] instead of their actual value. Add this configuration by environment if you want to keep the parameters unfiltered in development.