mitchbeebe / new-birdle

New and Improved Birdle
https://play-birdle.com
MIT License

Django Security Hardening #2

Open zarguell opened 7 months ago

zarguell commented 7 months ago

Hi! Love the new birdle. As a birder but also a security geek I wanted to throw some suggestions out there related to Django security; you can take or leave them as you wish:

  1. Django secret in git history
    • If you changed it before you deployed the site that’s cool, but you also might want to delete and re-publish the repo without that commit history too, since it’s still technically visible.
  2. Django console internet accessible
    • You might already have IP restriction on, but if not I would definitely put that on as a minimum.
    • Ideally you could throw a reverse proxy of some sort in front so you can’t even see the admin console, something like a Cloudflare Access policy if you used Cloudflare Zero Trust, or just some rules in a reverse proxy like Traefik with a single sign-on middleware like Authelia if you wanted to self-host that capability (although not sure how married you are to Heroku, since you might not be able to quite customize all that on it).
    • This option won’t hide the admin console, but if you proxy just the DNS through Cloudflare (I’m assuming right now you just have DNS pointing to Heroku?) you can use Cloudflare WAF to at least block some bad guys that way; it might save money on Heroku usage as well if blocking bots can reduce some of the load.

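One concrete form of the "restrict the admin console by IP" suggestion, added here as an example and not code from the new-birdle project. It assumes a Django-style middleware, an admin URL prefix of `/admin/`, and a single trusted proxy (the Heroku router) in front of the app; the allow-listed networks are constructed samples. The point it shows beyond the suggestion itself is the Heroku-specific pitfall: behind a proxy `REMOTE_ADDR` is the proxy, so the client address has to be taken from the trusted-hop position in `X-Forwarded-For`, and anything the client put further left in that header is ignored.

```python
import ipaddress

ADMIN_PREFIX = "/admin/"        # constructed: the project's admin URL prefix is assumed
TRUSTED_PROXY_HOPS = 1          # constructed: proxies in front of the app (1 = Heroku router only)
ADMIN_ALLOWLIST = [             # constructed sample networks, not real operator addresses
    ipaddress.ip_network("203.0.113.0/24"),
    ipaddress.ip_network("2001:db8::/32"),
]


def client_ip(meta, proxy_hops=TRUSTED_PROXY_HOPS):
    """Return the client address as vouched for by the trusted proxy chain, or None.

    Behind a proxy, REMOTE_ADDR is the proxy itself, so every request would look
    alike; each trusted hop appends the address it saw to X-Forwarded-For, so the
    entry `proxy_hops` from the right is the one the first trusted proxy observed.
    Anything further left was supplied by the client and must be ignored.
    """
    xff = meta.get("HTTP_X_FORWARDED_FOR", "")
    hops = [h.strip() for h in xff.split(",") if h.strip()]
    if proxy_hops == 0 or len(hops) < proxy_hops:
        candidate = meta.get("REMOTE_ADDR", "")   # no proxy, or header not set by it
    else:
        candidate = hops[-proxy_hops]
    try:
        return ipaddress.ip_address(candidate)
    except ValueError:
        return None                               # unparseable address: treat as unknown


def is_allowed(ip, allowlist=ADMIN_ALLOWLIST):
    """Fail closed: an unknown address is never allowed."""
    return ip is not None and any(ip in net for net in allowlist)


class AdminIPAllowlistMiddleware:
    """Django-style middleware: 403 for non-allowlisted clients under ADMIN_PREFIX."""

    def __init__(self, get_response):
        self.get_response = get_response

    def __call__(self, request):
        if request.path.startswith(ADMIN_PREFIX) and not is_allowed(client_ip(request.META)):
            # Imported here so the helpers above can be exercised without Django installed.
            from django.http import HttpResponseForbidden
            return HttpResponseForbidden("admin access is restricted by IP")
        return self.get_response(request)
```

Register the class in `MIDDLEWARE`; if Cloudflare is later placed in front of Heroku, Cloudflare appends the client and Heroku appends Cloudflare, so `TRUSTED_PROXY_HOPS` becomes 2.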
mitchbeebe commented 7 months ago

Hey! Thanks for reaching out and so glad you like the game. I'm a complete novice in this area, so I truly appreciate the advice.

Thankfully, I did change the secret before deploying, but I agree, I should just delete that commit history.

I don't have any restriction other than username/password on my admin console, so I'll definitely restrict by IP and look into your other ideas here. Thanks again!

zarguell commented 7 months ago

No problem! And if you run into any issues or have questions, don’t hesitate to reach out!