While Django provides good security protection out of the box, it is still important to properly deploy your application and take advantage of the security protection of the web server, operating system and other components.
Make sure that your Python code is outside of the web server's root. This will ensure that your Python code is not accidentally served as plain text (or accidentally executed).
Take care with any user-uploaded files.
Django does not throttle requests to authenticate users. To protect against brute-force attacks against the authentication system, you may consider deploying a Django plugin or web server module to throttle these requests.
Keep your SECRET_KEY a secret.
It is a good idea to limit the accessibility of your caching system and database using a firewall.
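The throttling point above, as an added example that is not from the book or from Django itself: a sliding-window limiter of the kind a login-throttling plugin applies before checking credentials. The names `LoginThrottle`, `attempt_login` and `check_password` are hypothetical, and state is kept in process memory for illustration.

```python
import time


class LoginThrottle:
    """In-memory sliding-window limiter for failed logins (illustrative)."""

    def __init__(self, max_failures=5, window=300, clock=time.monotonic):
        self.max_failures = max_failures
        self.window = window  # seconds a failure stays counted
        self.clock = clock    # injectable so the window can be tested
        self._failures = {}   # key -> list of failure timestamps

    def _keys(self, username, ip):
        # Count per account (guessing spread over many sources) and per
        # source address (one client trying many accounts) separately.
        return ("user", username.strip().lower()), ("ip", ip)

    def _recent(self, key):
        cutoff = self.clock() - self.window
        kept = [t for t in self._failures.get(key, []) if t > cutoff]
        if kept:
            self._failures[key] = kept
        else:
            self._failures.pop(key, None)  # drop idle keys to bound memory
        return len(kept)

    def is_blocked(self, username, ip):
        return any(self._recent(k) >= self.max_failures
                   for k in self._keys(username, ip))

    def record_failure(self, username, ip):
        now = self.clock()
        for k in self._keys(username, ip):
            self._failures.setdefault(k, []).append(now)

    def record_success(self, username, ip):
        # Reset the account counter only; the address counter ages out on
        # its own, so one valid login cannot reset a client's failures.
        self._failures.pop(self._keys(username, ip)[0], None)


def attempt_login(throttle, check_password, username, password, ip):
    """Return 'throttled', 'ok' or 'denied'; check_password is the caller's."""
    if throttle.is_blocked(username, ip):
        return "throttled"
    if check_password(username, password):
        throttle.record_success(username, ip)
        return "ok"
    throttle.record_failure(username, ip)
    return "denied"
```

With several worker processes the counters need a shared store such as the cache backend, since each process would otherwise keep its own count. A per-account limit also lets a third party lock a user out by failing on purpose, so keep the window short.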
Mastering Django: Core
Overview of this book
Mastering Django: Core is a completely revised and updated version of the original Django Book, written by Adrian Holovaty and Jacob Kaplan-Moss - the creators of Django.
The main goal of this book is to make you a Django expert. By reading this book, you’ll learn the skills needed to develop powerful websites quickly, with code that is clean and easy to maintain.
This book is also a programmer’s manual that provides complete coverage of the current Long Term Support (LTS) version of Django. For developers creating applications for commercial and business critical deployments, Mastering Django: Core provides a complete, up-to-date resource for Django 1.8LTS with a stable code-base, security fixes and support out to 2018.