distant anvil
I'm developing a dynamic admin panel URL in Django.
For example, the URL is a 32-character string that gets updated weekly.
The problem is, even after updating the URL, Django (or more precisely, Gunicorn) still serves the old URL unless the server is restarted.
This means I have to restart Gunicorn every time I change the admin URL.
Now, I want to change the admin panel URL without restarting Gunicorn.
Would using middleware solve this problem?
Or is there a better way to handle this?
hearty dust
Security through obscurity is generally not recommended.
Sure, you can change it to something other than /admin. But i see minimal value changing it again.
If you are "afraid" of random visits, attempted logons etc, using something like fail2ban on the host is such better idea.
distant anvil
If you are "afraid" of random visits, attempted logons etc, using something like...
Yes, nevertheless, I want to implement this system along with other tools such as fail2ban and similar security mechanisms.
So, how can I make the admin URL dynamic without needing to reload Gunicorn?
Can I achieve this using middleware,
or do you recommend a different approach instead of using middleware to make the admin URL dynamic?
hearty dust
You could potentially do it in the reverse proxy
wraith plover
How do people who need to discover the new URL? It's a very weird setup, I've never heard of anything being secured by changing its URL every week…
heavy hearth
How do people who need to discover the new URL? It's a very weird setup, I've ne...
i think he is just very careful 🙄