0PricingLogin
Django Academy · Lesson

DEBUG, SECRET_KEY, and ALLOWED_HOSTS

Get the dangerous settings right.

Three Dangerous Settings

Three settings in settings.py can sink a production site if you get them wrong. Let us tame DEBUG, SECRET_KEY, and ALLOWED_HOSTS together. 🔒

What DEBUG Does

When DEBUG is True, Django shows detailed error pages with your code, settings, and traceback. That is gold in dev but a gift to attackers in production.

DEBUG = True

All lessons in this course

  1. DEBUG, SECRET_KEY, and ALLOWED_HOSTS
  2. HTTPS, HSTS, and Secure Cookies
  3. XSS, CSRF, and SQL Injection Defenses
  4. Running the Deployment Checklist
← Back to Django Academy