A YC company is exposing their django /admin URL in production

1 points by yashchandra ↗ HN
Considerng so much is happening around security and compromises lately (linkedin etc.), I was thinking about Django sites that expose their /admin URL in production i.e. their live site. In fact, I always check the /admin URL if I know a site is built using Django and to my surprise, quite a few of them exist. It is understood that the username/passwd still need to be cracked but just by exposing the admin page in prod, arent you taking a big risk ? An example of a YC company that advertised for a job. They are exposing their admin page. http://www.zerocater.com/admin/

0 comments

[ 0.25 ms ] story [ 10.3 ms ] thread

No comments yet.