Question

我仅仅花了一年时间才拿起猪又.。部署django站点仍然是我有许多问题,尽管我已成功地用人工部署了我的场址。我在部署方面的最大问题之一是,我可以采取哪些措施来保障我的手稿的来源代码,包括登戈时的密码。 py, from others, especially when my website conducted on a factshop provided by some 3rd party. 我要求我不要再说一遍,但我的源码正在第三方服务器上运行,而有人在服务器上可以查阅任何/任何地方,这使我感到不安。

Answer 1

几乎不存在贵国主办机构对你的来源代码感兴趣的情况。大部分网站的源代码只值很高。

如果你真的认为有必要保护你的源代码,那么,最好的办法是使其不受你拥有和控制的系统的影响,并且完全可以进入。

否则,有几种混淆假的技术,其中最直截了当的只是把pyc文档推向生产服务器,而不是将py文档推给生产服务器。然而,与Django相比,这不是标准做法,因为接收供应商偷窃网站来源代码实际上不是一个紧迫问题。我不知道这一技术是否与Django具体合作。

Answer 2

If someone has the privileges to access anything/anywhere on the server you can t do much, because what you can do others can do too, you can try some way of obfuscation but that will not work. Only solution is NOT to use such shared repository.

Edit: options

Keep working with shared repository if your data is not very sensitive
Use dedicated hosting from companies like rack-space etc
Use AWS to run your own instance
Use google-app-engine server but that may require a DB change
Run your own server (most secure)

Answer 3

虽然你的来源代码可能罚款,但我建议不要将你的配置密码存放在平原上,而不论是否编纂法典。相反,服务器上有适当密码的斜体,服务器生成了在日志中提交的密码的斜体,而相比之下。标准安全做法。

Then again I could just be talking out my rear end since I haven t fussed about with Django yet.

Answer 4

Protecting source code is not that important IMHO. I would just deploy compiled files and not worry too much about it.

保护你的信条(特别密码)确实很重要。友好点很好。

友情链接