

Preventing brute-force attacks with django - dabent
http://bruno.im/2011/nov/22/preventing-brute-force-attacks-django/

======
va_coder
fail2ban is good for this as well

------
lucian1900
That is an issue. But a more significant issue is Django's vulnerability to
timing attacks.

~~~
jacobian
I'm not aware of any timing attacks against Django.

If there are attacks that we should be aware of please be a good open source
citizen and report them to `security@djangoproject.com`. We take security
reports very seriously, and want very much to fix any issues that're
disclosed!

[edit to clarify: I'm one of the lead developers of Django, and one of the
members of the security team that gets emails sent to the `security@` alias.]

