I'm happy to report that v3.0 of the django-adminrestrict plugin has been released.
In development since 2014, django-adminrestrict secures access to the Django admin pages. It works by blocking requests for the admin page path unless the requests come from specific IP addresses, address ranges or domains that you specify in a model.
Release Notes
- New feature (setting ADMINRESTRICT_BLOCK_GET = True) to enable this middleware to filter access for ALL accesses to admin page URLs (GET or POST).
- New feature (setting ADMINRESTRICT_DENIED_MSG = "custom msg") to allow custom body for 403 denied responses.
- New feature (setting ADMINRESTRICT_ALLOW_PRIVATE_IP = True) to allow all RFC1918 addresses to access admin pages regardless of entries in AllowedIP table
- New feature to support allowing access in the AllowedIP table via CIDR ranges.
- New feature to support allowing access in the AllowedIP table via domain names. Use case: dynamic DNS domain names.
Get it at pypi:
Get it at github:
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/5ff82a01-cb30-45e3-b20b-560938b1d439n%40googlegroups.com.
No comments:
Post a Comment