Refs #26464 -- Added a link to OWASP Top 10 in security topic guide.

2016-04-06 13:00:38 -04:00 · 2016-04-06 13:00:38 -04:00 · f6ca63a9f8
parent b2aab09fe9
commit f6ca63a9f8
1 changed files with 5 additions and 0 deletions
--- a/docs/topics/security.txt
+++ b/docs/topics/security.txt
@ -273,5 +273,10 @@ security protection of the Web server, operating system and other components.
 * Keep your :setting:`SECRET_KEY` a secret.
 * It is a good idea to limit the accessibility of your caching system and
  database using a firewall.
+* Take a look at the Open Web Application Security Project (OWASP) `Top 10
+  list`_ which identifies some common vulnerabilities in web applications. While
+  Django has tools to address some of the issues, other issues must be
+  accounted for in the design of your project.

 .. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody
+.. _Top 10 list: https://www.owasp.org/index.php/Top_10_2013-Top_10