PyLucid CMS Logo

important security instructions

page message
  • Entry for this url doesn't exist.
  • Entry for this url doesn't exist.

Here are some very important security instructions for PyLucid.

↑ public access to settings.py  #

The settings.py is inside the document root of the webserver. You should check if you can get the settings.py throu the webserver:

Normaly you can's access the file, because we have added this in the .htaccess:

XML
1
2
3
<Files settings.py>
    Deny from all
</Files>

↑ _install section access  #

Disable the _install section access, after the installation. Change this in your settings.py:

You can also delete the install password hash. Note, the password hash can be show in a traceback, if enabled.

↑ verbose tracebacks  #

You should disable the debug traceback function because. Set DEBUG = False in your settings.py

Use DEBUG = True only together with INTERNAL_IPS !

0 comments for 'security':
    there exist no comment for 'security'
Leave a comment
PyLucid v0.11.2.0201 | Log in | render time: 231.2 ms - overall: 3.1 days | last modified: Feb. 1, 2010, 12:05 p.m.

django-processinfo: 5.5 ms of 232.7 ms (2.4%)