Feature #10034: Translation web platform
Check if Weblate has been audited already
#2 Updated by u about 4 years ago
According to the upstream author:
"There has been no official security audit so far. The code has been written quite cautiously, but that still does not prevent possible vulnerabilities, especially when using many third party libraries (eg. most vulnerabilities in Django affect Weblate as well)."
#3 Updated by u about 4 years ago
We might want to add this: https://pypi.python.org/pypi/django-secure
And as noted here: https://docs.djangoproject.com/en/1.8/topics/security/ we might want to add a plugin which throttles requests to authenticate users to prevent from brute force attacks.
#4 Updated by u about 4 years ago
- Assignee changed from u to sajolida
- % Done changed from 0 to 10
- QA Check set to Ready for QA
and https://www.ponycheckup.com/ to test Django secure deployment