Django deployment checklist
Check your production settings.py file for security vulnerabilities with the
$ ./manage.py check --deploy
$ ./manage.py check --deploy System check identified some issues: WARNINGS: have not set CSRF COOKIE SECURE to True. Using a secure-only CSRF cookie makes it more difficult for network traffic sniffers to steal the CSRF token. ? (security.W018) You should not have DEBUG set to True in deployment. ? (security.W022) You have not set the SECURE_REFERRER_POLICY setting. Without this, your site will not send a Referrer-Policy header. You should consider enabling this header to protect user privacy.