diff options
| author | Tim Graham <timograham@gmail.com> | 2016-04-06 13:00:38 -0400 |
|---|---|---|
| committer | Tim Graham <timograham@gmail.com> | 2016-04-09 08:10:17 -0400 |
| commit | bdbfa1b1f81536642cb4518877bdb4ecd18e83b7 (patch) | |
| tree | ef61dceb7efb3b82baa079627c57f27c026dfc3d /docs | |
| parent | 99bec24f99d60e7f52248484ebfd7e4a02c39749 (diff) | |
[1.9.x] Refs #26464 -- Added a link to OWASP Top 10 in security topic guide.
Backport of f6ca63a9f8b3d030097135e096c1041e09c29fd9 from master
Diffstat (limited to 'docs')
| -rw-r--r-- | docs/topics/security.txt | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/docs/topics/security.txt b/docs/topics/security.txt index 324e198410..eb1172e7e8 100644 --- a/docs/topics/security.txt +++ b/docs/topics/security.txt @@ -273,5 +273,10 @@ security protection of the Web server, operating system and other components. * Keep your :setting:`SECRET_KEY` a secret. * It is a good idea to limit the accessibility of your caching system and database using a firewall. +* Take a look at the Open Web Application Security Project (OWASP) `Top 10 + list`_ which identifies some common vulnerabilities in web applications. While + Django has tools to address some of the issues, other issues must be + accounted for in the design of your project. .. _LimitRequestBody: https://httpd.apache.org/docs/2.4/mod/core.html#limitrequestbody +.. _Top 10 list: https://www.owasp.org/index.php/Top_10_2013-Top_10 |
