
Security checklist (manage.py check --deploy) in Django - Cheat Sheet & Quick Revision

Recall & Review
beginner
What is the purpose of the manage.py check --deploy command in Django?
It runs a security-focused system check to find common deployment issues and suggests fixes to make your Django app safer in production.
beginner
Name two security settings that manage.py check --deploy verifies.
It checks if DEBUG is set to False and if SECURE_SSL_REDIRECT is enabled to force HTTPS connections.
beginner
Why should DEBUG be set to False in production according to the security checklist?
Because DEBUG=True shows detailed error pages that can leak sensitive information to attackers.
intermediate
What does the SECURE_HSTS_SECONDS setting control, and why is it important?
It sets how long browsers should only use HTTPS for your site, helping prevent man-in-the-middle attacks by enforcing secure connections.
beginner
What does the security check say about ALLOWED_HOSTS?
It must be set to a list of valid host/domain names your site can serve to prevent HTTP Host header attacks.
What does manage.py check --deploy primarily check for?
A. Template syntax errors
B. Database schema errors
C. Performance bottlenecks
D. Security and deployment best practices
Which setting should NOT be True in production according to the checklist?
A. SECURE_HSTS_SECONDS
B. SECURE_SSL_REDIRECT
C. DEBUG
D. ALLOWED_HOSTS
What is the role of SECURE_SSL_REDIRECT?
A. Redirect HTTP requests to HTTPS
B. Disable SSL encryption
C. Enable debug mode
D. Allow all hosts
Why must ALLOWED_HOSTS be set properly?
A. To prevent HTTP Host header attacks
B. To enable debug mode
C. To allow database connections
D. To disable SSL
What does SECURE_HSTS_SECONDS help enforce?
A. Disabling cookies
B. HTTPS-only connections for a set time
C. Allowing HTTP connections
D. Enabling debug info
Explain the main security checks performed by manage.py check --deploy and why they matter.
Think about what settings protect your app from common attacks and leaks.
Describe how you would fix a warning about ALLOWED_HOSTS from the deployment check.
Consider what hosts your app should trust and serve.