Code 401 Class 34 Reading Notes

Django Settings Best Practices

Managing Django Setting: Issues

Different environments: Usually you have several environments: local, dev, ci, qa, staging, production, etc. Each envirionment can have its won specific settings (for example: DEBUG = True, which will require more verbose logging, additional apps, mocked data, etc.) You need an approach that allows you to keep all these Django setting configurations.

Django setting are a Python code.: These are often in settings.py, it gives flexibility, but also can be a curse and a blessing at the same time.

Setting Configuration: Different Approaches

settings_local.py: Basic idea of this method is to extend all environment specific settings in the settings_local.py file, which is ignored by VCS.

Pros

• Secrets not in VCS

Cons

• settings_local.py is not in VCS, so you can lose some of your Django environment settings.
• The Django settings file is a Python code, so settings_local.py can have some non obvious logic.
• You need to have `settings_local.example(in VCS)to share the default configurations for developers.

Separate settings files for each environment

This an extension of the previous approach. Package the settings with the following structure:

settings/
   ├── __init__.py
   ├── base.py
   ├── ci.py
   ├── local.py
   ├── staging.py
   ├── production.py
   └── qa.py

Pros

• All environments are in VCS.
• It’s easy to share settings between developers.

Cons

• You need to find a way to handle secret passwords and tokens.
• “Inheritance” of settings can be hard to trace and maintain.

Environment variables

Pros

• These usually are a good method to keep configuration is separated from code.
• Environment parity – you have the same code for all environments.
• No inheritance in settings, and cleaner and more consistent code.
• There is a theoretical grounding for using environment variables – 12 Factors.

Cons

• You need to handle sharing default config between developers.

Best practices

• Keep settings in environment variables.
• Write default values for productions configuration (excluding secret keys and tokens).
• Don’t hardcode sensitive settings, and don’t put them in VCS.
• Split settings into groups: Django, third-party, project.
• Follow naming conventions for custom (project) settings.

What is SSH: Understanding Encryption, Ports and Connection

SSH(Secure Shell Protocol): A remote administration protocol that allows users to access, control, and modify their remote servers over the internet.

How Does SSH Work

The SSH command consists of 3 distinct parts:

ssh {user}@{host}

The SSH key command instructs your system that you want to open an encrypted Secure Shell Connection. {user}; represents the acount you want to access. {host}: refers to computer you want to access. Can be IP or domain name.

Gaining an in-depth understanding of the underlying how SSH works can help users understand the security aspects of this technology.

Things I want to know more about

Common practices that hacker try to break these codes and how to avoid them or fortify your code better.

<—BACK