p15693087
/
django
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Refs #26464 -- Added a link to OWASP Top 10 in security topic guide.

This commit is contained in:
Tim Graham 2016-04-06 13:00:38 -04:00
parent b2aab09fe9
commit f6ca63a9f8
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
docs/topics/security.txt
View File

@ -273,5 +273,10 @@ security protection of the Web server, operating system and other components.
* Keep your :setting:`SECRET_KEY` a secret. * Keep your :setting:`SECRET_KEY` a secret.
* It is a good idea to limit the accessibility of your caching system and * It is a good idea to limit the accessibility of your caching system and
database using a firewall. database using a firewall.
* Take a look at the Open Web Application Security Project (OWASP) `Top 10
list`_ which identifies some common vulnerabilities in web applications. While
Django has tools to address some of the issues, other issues must be
accounted for in the design of your project.
.. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody .. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody
.. _Top 10 list: https://www.owasp.org/index.php/Top_10_2013-Top_10