A YC company is exposing their django /admin URL in production
Considerng so much is happening around security and compromises lately (linkedin etc.), I was thinking about Django sites that expose their /admin URL in production i.e. their live site. In fact, I always check the /admin URL if I know a site is built using Django and to my surprise, quite a few of them exist. It is understood that the username/passwd still need to be cracked but just by exposing the admin page in prod, arent you taking a big risk ?
An example of a YC company that advertised for a job. They are exposing their admin page.
http://www.zerocater.com/admin/
0 comments
[ 0.25 ms ] story [ 10.3 ms ] threadNo comments yet.