About Using HTTPS

For the best security, all websites should be running under HTTPS. You can do that with Let's Encrypt.

For projects with HTTPS also set these Django project settings to disable session and CSRF cookie access from JavaScript:

1
2
3
4
SESSION_COOKIE_SECURE = True
SESSION_COOKIE_HTTPONLY = True
CSRF_COOKIE_SECURE = True
CSRF_COOKIE_HTTPONLY = True

Tips and Tricks Security Django 4.2 Django 3.2 Django 2.2 SSL

Also by me

Django Paddle Subscriptions app

For Django-based SaaS projects.

Django App for You
Django GDPR Cookie Consent app

For Django websites that use cookies.

Django App for You
Django 3 Web Development Cookbook - Fourth Edition
Book for You
Django 3 Web Development Cookbook

Learn how to build practical web projects with Django 3.
1st things 1st
SaaS for You
Online prioritizer "1st things 1st"

It's not for everyone, but it might be for you!