
Part F Secure your installation

Kami Development edited this page Dec 5, 2016 · 14 revisions

This part describes how to make FST more secure. Additional actions may be necessary for your particular server environment.

These four steps outline the bare minimum security for a public demo server.

## 1. Secure your login ##

This should already be done; it was covered in Part A of the installation guide.

Here is a small checklist:

- Do you always log in to the server as user 'fst'?
- Does the 'sudo' command work when you are logged in as 'fst'?
- Can you log in as 'fst' without a password?
- Have you disabled root login?

If you have problems with any of these, go back to Part A and fix it! Your server is not secure.

## 2. Change Django settings and disable DEBUG mode ##

DEBUG mode is valuable during installation and for debugging errors. But it should always be disabled on a public server.

Log in to the server as 'fst' and change the file 'demo_settings.py' to disable DEBUG:

```sh
sudo sed -i 's/^DEBUG = True/DEBUG = False/' ~/fst/fst_web/demo_settings.py
```

Verify that the change happened:

```sh
sudo grep "DEBUG =" ~/fst/fst_web/demo_settings.py
```

## 3. Make your secret key unique ##

Django has a secret key that must be unique for every installation.

FST gives you a simple, built-in way to do that:

```sh
cd ~/fst
python manage.py generate_secret_key --replace
```

Verify that the key was installed:

```sh
cd ~/fst
python manage.py generate_secret_key
```

Read more about why Django's secret key is important here:

https://docs.djangoproject.com/en/1.8/ref/settings/#secret-key

http://stackoverflow.com/questions/15170637/effects-of-changing-djangos-secret-key
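As an added example (not part of FST or this guide), the following POSIX shell function audits a settings file for the two changes made in steps 2 and 3: DEBUG must be False, and SECRET_KEY must meet the thresholds Django's own deployment check uses (at least 50 characters, at least 5 distinct characters). The settings path in the usage comment is an assumption.

```sh
#!/bin/sh
# Added example, not part of FST: audit a Django settings file for steps 2 and 3.
# Exit status 0 when DEBUG is False and SECRET_KEY meets Django's deployment-check
# thresholds (at least 50 characters, at least 5 distinct characters), 1 otherwise.
# Usage (path is an assumption): audit_settings ~/fst/fst_web/demo_settings.py
audit_settings() {
    file="$1"
    status=0

    # Step 2: DEBUG must be switched off explicitly.
    if grep -Eq '^DEBUG[[:space:]]*=[[:space:]]*True' "$file"; then
        echo "FAIL: DEBUG is True in $file"
        status=1
    elif ! grep -Eq '^DEBUG[[:space:]]*=[[:space:]]*False' "$file"; then
        echo "FAIL: no explicit 'DEBUG = False' in $file"
        status=1
    else
        echo "ok: DEBUG is False"
    fi

    # Step 3: pull the quoted SECRET_KEY value (single or double quotes) and
    # count its distinct characters (one character per line, then sort -u).
    key=$(sed -n "s/^SECRET_KEY[[:space:]]*=[[:space:]]*['\"]\(.*\)['\"].*$/\1/p" "$file" | head -n 1)
    distinct=$(printf '%s' "$key" | fold -w 1 | sort -u | wc -l | tr -d ' ')
    if [ -z "$key" ]; then
        echo "FAIL: SECRET_KEY is not set in $file"
        status=1
    elif [ "${#key}" -lt 50 ] || [ "$distinct" -lt 5 ]; then
        echo "FAIL: SECRET_KEY is weak (${#key} chars, $distinct distinct); run generate_secret_key --replace"
        status=1
    else
        echo "ok: SECRET_KEY looks unique (${#key} chars)"
    fi

    return "$status"
}
```

Django ships a broader version of this audit as `python manage.py check --deploy`, which is worth running before going public.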

## 4. Set up firewall and timeserver ##

Installing firewall and timeserver

## Additional security resources ##

Note! This release of FST does not have detailed documentation for production use.

HTTPS is a strict security requirement for production use. You must install FST on its own domain with a valid HTTPS certificate.

### Django's security documentation ###

Anyone installing on a production server should read Django's security documentation carefully.

Django deployment checklist: https://docs.djangoproject.com/en/1.10/howto/deployment/checklist/

Overview of Django security: https://docs.djangoproject.com/en/1.10/topics/security/