Inspired by this Nick Craver tweet https://twitter.com/nick_craver/status/720062942960623616
We all hate bots, lets admit it. Especially the ones that try to gain access to our most secret endpoints. Well we have an easy solution for your django application. django_spam simply adds common admin urls to url conf so when bots (or human for that matter) try and access them, they will get redirected...
| Django 2.0 | Django 2.1 | Django 2.2 | Django 3.0 | Django 3.1 | Django 3.2 | |
|---|---|---|---|---|---|---|
| Python 3.4 | ✔️ | |||||
| Python 3.5 | ✔️ | ✔️ | ✔️ | |||
| Python 3.6 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| Python 3.7 | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ | ✔️ |
| Python 3.8 | ✔️ | ✔️ | ✔️ | ✔️ | ||
| Python 3.9 | ✔️ | ✔️ | ✔️ |
pip install django-spamAdd to apps list:
INSTALLED_APPS = [
'...',
'django_spam',
'...'
]django_spam ships with some default endpoints bots might try to hit. If you would like to add extra routes, simply add
a SPAM_ROUTES variable to your settings file that contains a list of extra endpoints you would like
to add. no leading slashes
SPAM_ROUTES = [
'admin.php',
'admin/login.php',
'administrator/index.php',
'index.php',
'...',
]Include django_spam.urls to root url file:
'...'
path('', include('django_spam.urls')),
'...',If for some odd reason you need to exclude routes, define EXCLUDED_ROUTES in settings. no leading slashes
EXCLUDED_ROUTES = [
'admin.php',
'index.php'
]See here
This project uses Poetry to manage dev environment. Once installed:
- Clone and
cdinto repo - install packages with
poetry install - black
poetry run black . - flake8
poetry run flake8 - test
poetry run coverage run --source=django_spam setup.py test