Django Security Headers Hall of Fame

Copenhagen, 1611

It’s been a year since I published How to Score A+ for Security Headers on Your Django Website, the blog post for my DjangoCon Europe 2019 talk. It’s seen some updates as both Django and web security have evolved, for example Feature-Policy is now required for an A+, and Django 3.0 includes built-in support for Referrer-Policy.

I’ve received a lot of nice feedback for the post and the talk. Here are some of the people who’ve used it to increase their sites’ security:

Thanks to all for letting me know.

If you have used the guide to improve your site’s security, please email or tweet me, and I’ll add a link here! As you can see, you don’t need to get to A+, which is a lot of work. Any improvement is good for your site and users :)


Make your development more pleasant with Boost Your Django DX.

Subscribe via RSS, Twitter, Mastodon, or email:

One summary email a week, no spam, I pinky promise.

Related posts: