Forums

Server hardening for django website

Hi everybody,

I am hosting a Django website with a postgres database on here and was wondering what measures i could take in terms of server hardening? I assume most of the work is already done by the server providers (pythonanywhere), like fail2ban, closing ports etc. Is this true? And if so, is there anything I should probably do?

Thanks in advance!

Beloved premium user Kingrimursel | 2 posts | Aug. 26, 2021, 9:35 p.m. | permalink

You'll find general remarks on security on this help page.

Staff pafk | 170 posts | PythonAnywhere staff | Aug. 27, 2021, 3:28 p.m. | permalink

Great, thanks!

Beloved premium user Kingrimursel | 2 posts | Aug. 27, 2021, 6:42 p.m. | permalink

Just to touch on the specific things you mentioned: yes, we do have fail2ban running and we only have the necessary ports for serving your site and our own sysadmin stuff open.

Staff giles | 224 posts | PythonAnywhere staff | Aug. 28, 2021, 1:27 p.m. | permalink