This article is short and drives home the point of why the user login must be accessible strictly over HTTPS.
There are a few different ways to configure HTTP Strict Transport Security (HSTS) that I have learned. I share them here in this post.
Another measure to make sure your app is secure when running in production.
There are different ways to enable HTTPS for one's site. Here I go over some possibilities and point in the direction of how this would be done.
When one has a Django admin site, the first thing that should be done is to harden the admin URL. This is a straightforward task to beef up your security and reduce your attack surface.