Here are some very important security instructions for PyLucid.

public access to

The is inside the document root of the webserver. You should check if you can get the throu the webserver:

Normaly you can's access the file, because we have added this in the .htaccess:

    Deny from all

_install section access

Disable the _install section access, after the installation. Change this in your


You can also delete the install password hash. Note, the password hash can be show in a traceback, if enabled.

verbose tracebacks

You should disable the debug traceback function because. Set DEBUG = False in your

Use DEBUG = True only together with INTERNAL_IPS !