diff --git a/app/controllers/collections_controller.rb b/app/controllers/collections_controller.rb
index 157365b3..413446b2 100644
--- a/app/controllers/collections_controller.rb
+++ b/app/controllers/collections_controller.rb
@@ -84,7 +84,7 @@ def create
   end
 
   def update
-    if collection.update_attributes params[:collection]
+    if collection.update collection_params
       collection.recreate_index
       redirect_to collection_settings_path(collection), notice: _("Collection %{collection_name} updated") % { collection_name: collection.name }
     else
@@ -310,4 +310,10 @@ def upload_logo
                  preview_url: uploader.url(:preview)})
   end
 
+  private
+
+  # TODO: migrate to strong parameters
+  def collection_params
+    params[:collection].permit!
+  end
 end