Sunday, December 11, 2016

Re: Django ponycheckup check up results

Thank you Matthew, appreciate your reply. 



On Friday, November 4, 2016 at 11:00:36 AM UTC-7, Matthew Pava wrote:

I am just a regular user, but I don't see how a Django setting could possibly modify some such a setting on the web server.  I would just learn how to write that EB command and take it from there.  …I suppose you could try writing a Python function or a Django command that will append your desired setting to the .htaccess file when you run it.

 

From: django...@googlegroups.com [mailto:django...@googlegroups.com] On Behalf Of Sandeep Patil
Sent: Friday, November 4, 2016 12:27 PM
To: Django users
Subject: Re: Django ponycheckup check up results

 

Dear all,

 

Noone else here who has this issue? Really would like to learn how this works.

 

Thanks,

Sandeep

On Saturday, September 17, 2016 at 9:29:29 PM UTC+2, Sandeep Patil wrote:

Dear All,

 

I checked my django site a security ponycheckup at ponycheckup.com and I got 90%, which is good. However I am stuck at resolving the error "

Web server allows TRACE

Your web server allows the TRACE method. This is not good, as it rarely serves a purpose, and can be used in cross-site scripting attacks."

 

I tried to look around for answers and most of them had solutions for modifying htaccess file. Since I use AWS EB, I dont want to manually modify any server files (because they get overwritten and writing a EB command looks very hacky). Is there a Django way of resolving this issue (some setting in settings.py)?

 

 

 

 

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
To post to this group, send email to djang...@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/1c3425eb-1e44-4297-8d3b-7925b5c24313%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/a0e199e4-6ead-424c-81c6-6251a7ed3391%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)