settings.py: add more security settings

2019-05-19 02:31:21 -07:00
parent 05902bec7a
commit 45df2a0123
1 changed files with 15 additions and 0 deletions
--- a/procat2/settings.py
+++ b/procat2/settings.py
@ -22,7 +22,22 @@ FRONTEND_DIR = os.path.join(BASE_DIR, 'cateditor')
 # bring in ansible-defined settings
 from .settings_ansible import *

+# for 500 errors logging
+ADMINS = [('Seth Ladygo', 'alx-admin@procatalog.io')]

+# for broken link reporting
+MANAGERS = [('Seth Ladygo', 'alx-admin@procatalog.io')]
+
+# For deployment, see
+# https://docs.djangoproject.com/en/2.1/howto/deployment/checklist/
+
+# Security settings recommended by
+#   ./manage.py check --deploy
+SECURE_CONTENT_TYPE_NOSNIFF = True
+SECURE_BROWSER_XSS_FILTER = True
+SESSION_COOKIE_SECURE = True
+CSRF_COOKIE_SECURE = True
+X_FRAME_OPTIONS = 'DENY'

 LOGGING = {
    'version': 1,