Name: wagtailenforcer
Owner: Springload
Description: The Wagtail arm of the law - enforce security protocols on your Wagtail site
Created: 2015-06-05 03:50:46.0
Updated: 2017-08-31 14:17:47.0
Pushed: 2017-03-25 07:35:08.0
Homepage: https://pypi.python.org/pypi/wagtailenforcer
Size: 161
Language: Python
GitHub Committers
| User | Most Recent Commit | # Commits |
|---|
Other Committers
| User | Most Recent Commit | # Commits |
|---|
WagtailEnforcer, the strong arm of the law.
If you need to enforce security protocols on your Wagtail site you've come to the right place.
Wagtailenforcer makes use of the following packages to ensure strict password policies and other security protocols are implemented.
- Lt. Marion “Cobra” Cobretti
Check out Awesome Wagtail for more awesome packages and resources from the Wagtail community.
install wagtailenforcer
Time to edit the settings.py file. `INSTALLED_APPS` should have:
'axes',
'password_policies',
'wagtailenforcer',
.. and `MIDDLEWARE_CLASSES`:
'axes.middleware.FailedLoginMiddleware',
'wagtailenforcer.middleware.WagtailenforcerMiddleware'
Some extra settings:
ssword policy settings
ION_SERIALIZER = 'django.contrib.sessions.serializers.PickleSerializer'
WORD_CHECK_ONLY_AT_LOGIN = True
WORD_MIN_LENGTH = 7
WORD_MAX_LENGTH = 25
WORD_HISTORY_COUNT = 6
WORD_MIN_LETTERS = 1
WORD_MIN_NUMBERS = 1
WORD_MIN_SYMBOLS = 1
WORD_DIFFERENCE_DISTANCE = 3
ango Axes settings
_LOGIN_FAILURE_LIMIT = 5
_LOCK_OUT_AT_FAILURE = True
_ONLY_USER_FAILURES = True # Lock out based on username and not IP or UserAgent
_LOCKOUT_TEMPLATE = 'wagtailenforcer/lockout.html'
tivirus
AV_ACTIVE = True
lowed document uploads extensions
WED_DOCUMENT_EXTENSIONS = ['pdf']
On top of your app urls.py file:
ailadmin_urls.urlpatterns = wagtailenforcer_urls + wagtailadmin_urls.urlpatterns
Check the docs of the apps if you need to do changes to the predefined settings.