Chapter 10. Security
In this chapter, we will discuss the following topics:
- Various web attacks and countermeasures
- Where Django can and cannot help
- Security checks for Django applications
Several prominent industry reports suggest that websites and web applications remain one of the primary targets of cyber attacks. Yet, about 86 percent of all websites, tested by a leading security firm in 2013, had at least one serious vulnerability.
Releasing your application to the wild is fraught with several dangers ranging from the leaking of confidential information to denial-of service attacks. Mainstream media headlines security flaws focusing on exploits, such as Heartbleed, Superfish, and POODLE, that have an adverse impact on critical website applications, such as e-mail and banking. Indeed, one often wonders if WWW stands for World Wide Web or the Wild Wild West.
One of the biggest selling points of Django is its strong focus on security. In this chapter, we will cover the top techniques...