- Trending Categories
Data Structure
Networking
RDBMS
Operating System
Java
iOS
HTML
CSS
Android
Python
C Programming
C++
C#
MongoDB
MySQL
Javascript
PHP
Physics
Chemistry
Biology
Mathematics
English
Economics
Psychology
Social Studies
Fashion Studies
Legal Studies
- Selected Reading
- UPSC IAS Exams Notes
- Developer's Best Practices
- Questions and Answers
- Effective Resume Writing
- HR Interview Questions
- Computer Glossary
- Who is Who
How to add extra security to Django admin using fake admin login?
We are going to make a Django admin fake login page using a thirdparty package. This will just create a Django admin fake page, and whenever anyone tries to login on the admin page, whether they enter the right or wrong password, they will not be able to login and their trial with their IP addresses will be stored in a table.
So, just follow the steps given below and you will be all good to go.
Setup basic urls and add app in INSTALLED_APPS in settings.py.
Example
First install the package
pip install django-admin-honeypot
In settings.py, add this −
INSTALLED_APPS+ = ['admin_honeypot']
We simply add it to the installed app which is necessary for settings.
In project's urls.py −
from django.contrib import admin from django.urls import path,include urlpatterns = [ path(r'admin/', include('admin_honeypot.urls', namespace=' admin_honeypot')), path(r'secret/', admin.site.urls), ]
Here, we simply replace the real admin with a fake one and put our admin on another endpoint.
Run these commands −
python manage.py makemigrations python manage.py migrate
Now you are all done, it will create a table which will store all the login attempt in admin with their session ids, the real admin will be on /secrets endpoint.
Output
On http://127.0.0.1/admin/, you will get to see the following output screen
It is fake honeypot admin page, whether you make right or wrong attempt, it is still fake and will save all attempts in a table. If you go tohttp://127.0.0.1/secret/ and login with your admin username and password −
In a table, you will get all the records.
- Related Articles
- How to make Django admin more secure?
- Django – Admin based File Management
- How to add security to your Django website?
- How to remove Fake Windows Security Alert?
- Finding code where admin user is created in SAP Hybris
- How to add groups in Django using authentication system?
- How to add authentication to Django Website?
- How to add an extra point to scatterplot using ggplot2 in R?
- How to add validation to your Django project?
- How to add authorization to your Django website?
- How to add an UpdateView in Django?
- How to add Django debug toolbar to your project?
- How to add a Money field in Django?
- How to add Social Share buttons in Django?
- How to add a captcha in a Django website?
