Are Environment Variables Still Considered a Secure Choice for Production?

I am hosting my Django website, and I am very concerned about security measures and implementations. However, I feel like system environment variables saved in servers (in my example I am using Koyeb) or files have a security issue with them. Is this the case? If so, what are some very low-cost, low-maintenance methods (I had trouble with Google Secret Manager before) to keep my secrets secure and safe?

I would suggest avoiding them by all means. And this is not “still”. It was a bad idea in the first place.

Some may disagree, but I doubt they have convincing arguments. Generally, an application should be functionally independent from the environment as much as possible. Not only from the environment variables, but from all the environment details.
