techgeek.biz - learn, code, contribute and make money

[ Home ] [ Tech Tips ] [ Raspberry Pi ] [ Powershell ] [ Ubuntu ] [ Django ] [ About ]

django remove admin from production how to

Let's make your Django site more secure by removing your admin panel in production all together!

This is a great easy way to add secuirty to your site. This is obviously assuming you develop locally and then push it up to your production server

Step 1. In your settings.py add

if (DEBUG == False):
    ADMIN_ENABLED = False

if (DEBUG == True):
    ADMIN_ENABLED = True

Step 2. now to your mainl urls.py where your main admin.site.urls is and remove it from the topline and replace it underneath

from django.conf import settings

if settings.ADMIN_ENABLED:
    urlpatterns += [
    path('admin/', admin.site.urls),
    ]

If you have django-cms you might have to give it some extra love and attention with an example below

if not settings.ADMIN_ENABLED:
    urlpatterns = [
    path("", include("fleet.urls")),
    path("", include("authentication.urls")),
    re_path(r'^', include('cms.urls')),
    ]

if settings.ADMIN_ENABLED:
    urlpatterns = [
    path('admin/', admin.site.urls),
    path("", include("fleet.urls")),
    path("", include("authentication.urls")),
    re_path(r'^', include('cms.urls')),
    ]

Done like a turkey

Thank you for reading. Any questions, comments or suggestions email me [email protected]
Luke Keam
techgeek.biz

techgeek.biz learn, code, contribute and make money

django remove admin from production how to

FOLLOW US

AD