The following list is a collection of resources for Django deployments and
scenarios like handling web security vulnerabilities, measuring user traction
with web analytics, improving web application performance with caching and
managing incoming feature requests from users.
Many of these resources along with more detailed explanations can be found on
Full Stack Python.
These links go along with our
Choose Your Own Django Deployment Adventure talk.
Web Application Security
- The official Django security docs page
provides a good overview of security features baked into Django.
- Reading Django and the OWASP Top 10 and
Jacobian's talk on Django vs the OWASP Top 10
provide further insight into how Django assists with the top web
- Firesheep is a plugin that
sniffs user session cookies when a site serves unencrypted pages after a
user has logged in. A captured cookie allows user session spoofing.
- Heartbleed is a bug in OpenSSL, present prior to the
latest versions, where memory exploits could leak server data without any
trace of what was taken.
- Secure Django reviews are expensive but
potentially help in enterprise environments where money is not a concern.