ó i4Vdc@spddlmZddlmZmZmZdZdZedddƒZed dd ƒZ ed dd ƒZ ed ddƒZ edddƒZ edddƒZ edddƒZedied6ed6ddƒZedddƒZedddƒZedddƒZd„Zd „Zeejd!eƒd"„ƒZeejd!eƒd#„ƒZeejd!eƒd$„ƒZeejd!eƒd%„ƒZeejd!eƒd&„ƒZeejd!eƒd'„ƒZeejd!eƒd(„ƒZeejd!eƒd)„ƒZeejd!eƒd*„ƒZeejd!eƒd+„ƒZ eejd!eƒd,„ƒZ!d-S(.i˙˙˙˙(tsettingsi(tTagstWarningtregisteri2isäYou do not have 'django.middleware.security.SecurityMiddleware' in your MIDDLEWARE_CLASSES so the SECURE_HSTS_SECONDS, SECURE_CONTENT_TYPE_NOSNIFF, SECURE_BROWSER_XSS_FILTER, and SECURE_SSL_REDIRECT settings will have no effect.tids security.W001s;You do not have 'django.middleware.clickjacking.XFrameOptionsMiddleware' in your MIDDLEWARE_CLASSES, so your pages will not be served with an 'x-frame-options' header. Unless there is a good reason for your site to be served in a frame, you should consider enabling this header to help prevent clickjacking attacks.s security.W002s,You have not set a value for the SECURE_HSTS_SECONDS setting. If your entire site is served only over SSL, you may want to consider setting a value and enabling HTTP Strict Transport Security. Be sure to read the documentation first; enabling HSTS carelessly can cause serious, irreversible problems.s security.W004sYou have not set the SECURE_HSTS_INCLUDE_SUBDOMAINS setting to True. Without this, your site is potentially vulnerable to attack via an insecure connection to a subdomain. Only set this to True if you are certain that all subdomains of your domain should be served exclusively via SSL.s security.W005sűYour SECURE_CONTENT_TYPE_NOSNIFF setting is not set to True, so your pages will not be served with an 'x-content-type-options: nosniff' header. You should consider enabling this header to prevent the browser from identifying content types incorrectly.s security.W006süYour SECURE_BROWSER_XSS_FILTER setting is not set to True, so your pages will not be served with an 'x-xss-protection: 1; mode=block' header. You should consider enabling this header to activate the browser's XSS filtering and help prevent XSS attacks.s security.W007sYour SECURE_SSL_REDIRECT setting is not set to True. Unless your site should be available over both SSL and non-SSL connections, you may want to either set this setting True or configure a load balancer or reverse-proxy server to redirect all connections to HTTPS.s security.W008sîYour SECRET_KEY has less than %(min_length)s characters or less than %(min_unique_chars)s unique characters. Please generate a long and random SECRET_KEY, otherwise many of Django's security-critical features will be vulnerable to attack.t min_lengthtmin_unique_charss security.W009s4You should not have DEBUG set to True in deployment.s security.W018sYou have 'django.middleware.clickjacking.XFrameOptionsMiddleware' in your MIDDLEWARE_CLASSES, but X_FRAME_OPTIONS is not set to 'DENY'. The default is 'SAMEORIGIN', but unless there is a good reason for your site to serve other parts of itself in a frame, you should change it to 'DENY'.s security.W019s.ALLOWED_HOSTS must not be empty in deployment.s security.W020cCs dtjkS(Ns-django.middleware.security.SecurityMiddleware(RtMIDDLEWARE_CLASSES(((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pyt_security_middlewarehscCs dtjkS(Ns6django.middleware.clickjacking.XFrameOptionsMiddleware(RR(((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pyt_xframe_middlewarelstdeploycKstƒ}|rgStgS(N(RtW001(t app_configstkwargst passed_check((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pytcheck_security_middlewareps cKstƒ}|rgStgS(N(R tW002(R R R((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pytcheck_xframe_options_middlewarevs cKs$tƒ ptj}|rgStgS(N(RRtSECURE_HSTS_SECONDStW004(R R R((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pyt check_sts|scKs4tƒ p tj p tjtk}|r-gStgS(N(RRRtSECURE_HSTS_INCLUDE_SUBDOMAINStTruetW005(R R R((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pytcheck_sts_include_subdomains‚s  cKs*tƒ ptjtk}|r#gStgS(N(RRtSECURE_CONTENT_TYPE_NOSNIFFRtW006(R R R((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pytcheck_content_type_nosniffŒs cKs*tƒ ptjtk}|r#gStgS(N(RRtSECURE_BROWSER_XSS_FILTERRtW007(R R R((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pytcheck_xss_filter•s cKs*tƒ ptjtk}|r#gStgS(N(RRtSECURE_SSL_REDIRECTRtW008(R R R((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pytcheck_ssl_redirectžs cKsSttddƒo?tttjƒƒtko?ttjƒtk}|rLgStgS(Nt SECRET_KEY( tgetattrRtNonetlentsetR"t SECRET_KEY_MIN_UNIQUE_CHARACTERStSECRET_KEY_MIN_LENGTHtW009(R R R((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pytcheck_secret_key§scKstj }|rgStgS(N(RtDEBUGtW018(R R R((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pyt check_debugąs cKs*tƒ ptjdk}|r#gStgS(NtDENY(R RtX_FRAME_OPTIONStW019(R R R((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pytcheck_xframe_denyˇs cKstjr gStgS(N(Rt ALLOWED_HOSTStW020(R R ((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pytcheck_allowed_hostsŔsN("t django.confRtRRRR(R'R RRRRRR R)R,R0R3RR tsecurityRRRRRRRR!R*R-R1R4(((sn/var/www/html/phendo-backend/phendo_python/env/lib/python2.7/site-packages/django/core/checks/security/base.pytsh