https://github.com/syndbg/django-web-secure

A middleware that lets Django handle the security and leaves the coding to you.
# Django Web Secure

The middleware that makes ponies fly with a great sense of security.

*Important!* Newer Django versions, such as 1.7 or 1.8, implement this package's functionality, surely even better than I do. I recommend using the Django built-in middleware!

![Flying pony](http://img.ffffound.com/static-data/assets/6/9b8451b7e1bbae1a4da67991bfea3d082aaea148_m.jpg)

## Inspiration:

* https://www.owasp.org/index.php/List_of_useful_HTTP_headers
* https://wiki.mozilla.org/WebAppSec/Secure_Coding_Guidelines

## What can it do:

* Force SSL
* Exempt hosts
* Enable HSTS, HSTS subdomains and HSTS preload
* Enable XSS Protection
* Enable nosniff
* Enable Content-Security-Policy

__All of these are options that you can turn on/off.__

## How to use:

Follow the instructions in [INSTALL.md](../blob/master/INSTALL.md)

## How to test:

Using

* [Erik's Pony checkup](http://ponycheckup.com)
* [SSL labs' SSL test](https://www.ssllabs.com/ssltest/)

## Docs:

TODO: `docs/`