Book Image

Django Design Patterns and Best Practices

By : Arun Ravindran
Book Image

Django Design Patterns and Best Practices

By: Arun Ravindran

Overview of this book

Table of Contents (19 chapters)
Django Design Patterns and Best Practices
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface
Index

A handy security checklist


Security is not an afterthought but is instead integral to the way you write applications. However, being human, it is handy to have a checklist to remind you of the common omissions.

The following points are a bare minimum of security checks that you should perform before making your Django application public:

  • Don't trust data from a browser, API, or any outside sources: This is a fundamental rule. Make sure you validate and sanitize any outside data.

  • Don't keep SECRET_KEY in version control: As a best practice, pick SECRET_KEY from the environment. Check out the django-environ package.

  • Don't store passwords in plain text: Store your application password hashes instead. Add a random salt as well.

  • Don't log any sensitive data: Filter out the confidential data such as credit card details or API keys from your log files.

  • Any secure transaction or login should use SSL: Be aware that eavesdroppers in the same network as you are could listen to your web traffic if...