
Keep the Privacy

Sergey Grishakov edited this page Feb 5, 2020 · 14 revisions

This page is about Matchering WEB and why it must not be exposed to the Internet as it ships.

Matchering WEB is designed and optimized for home and in-house use; in terms of security and scalability it is not suitable for public hosting. These are the reasons we know of why you should not host this app on the Internet:

Django, SQLite, Redis and Matchering 2.0 worker in one container.

Yes, this is a Docker anti-pattern, but it is done for the convenience of the app's end user, not the developers.

SQLite, which does not scale to concurrent writers, is used as the database.

This is done to reduce resource consumption on the end user's computer, so that a separate database service such as PostgreSQL does not have to run.

Static files are served by Django itself, Django runs with DEBUG = True, and no production web server is used. With DEBUG = True, any error page shows the full traceback, the settings and the executed SQL queries to whoever triggered the error.

This is also done for the convenience of the end user, so as not to mess with Docker Compose.

All Django middleware is removed (so CSRF protection, clickjacking protection and the security headers are gone), and the app fails the Django deployment checklist (python manage.py check --deploy).

See above. The reasons are the same.
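For reference, the Django settings fragment below shows what the three Django items above look like once fixed, i.e. the settings that `python manage.py check --deploy` looks for. This is an added illustration, not Matchering WEB's own configuration; the hostname, the paths and the environment variable name are assumptions.

```python
# settings.py fragment (illustration only, not Matchering WEB's real settings).
# Each block names the shipped setting the page describes and its hardened form.
import os

# Shipped: DEBUG = True. Error pages then leak tracebacks, settings and SQL.
DEBUG = False
# Required once DEBUG is off; the hostname is an assumption for this example.
ALLOWED_HOSTS = ["matchering.example.com"]
# Never bake a SECRET_KEY into the image; read it from the environment instead.
SECRET_KEY = os.environ.get("DJANGO_SECRET_KEY")  # empty value fails check --deploy

# Shipped: all middleware removed. This is Django's stock stack; order matters.
MIDDLEWARE = [
    "django.middleware.security.SecurityMiddleware",
    "django.contrib.sessions.middleware.SessionMiddleware",
    "django.middleware.common.CommonMiddleware",
    "django.middleware.csrf.CsrfViewMiddleware",
    "django.contrib.auth.middleware.AuthenticationMiddleware",
    "django.contrib.messages.middleware.MessageMiddleware",
    "django.middleware.clickjacking.XFrameOptionsMiddleware",
]

# Settings check --deploy warns about when missing. They assume an HTTPS
# terminating reverse proxy (nginx) in front of the WSGI server.
SECURE_SSL_REDIRECT = True
SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
SECURE_HSTS_SECONDS = 31536000
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
SECURE_HSTS_PRELOAD = True
SECURE_CONTENT_TYPE_NOSNIFF = True
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
X_FRAME_OPTIONS = "DENY"

# Shipped: static files served by Django. Collect them with
# `python manage.py collectstatic` and let the web server serve STATIC_ROOT.
STATIC_ROOT = "/var/matchering/static"  # assumed path
```

Run `python manage.py check --deploy` after applying it; the command reports each remaining setting it still considers unsafe.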


So if you still want to expose the service publicly without it being hacked or knocked over by a DDoS attack, you need to do at least the following:

  • Fix all cases from the above list
  • Rewrite the file delivery module so that clients no longer address files by path
  • Use nginx with X-Accel-Redirect or Apache with X-Sendfile to serve media files, so that Django only authorizes the download and the web server streams the bytes
  • Forget about third-party CDNs (for example, the Free and Pro Cloudflare plans only accept a maximum client upload of 100 MB) and think about how to protect yourself from DDoS attacks
  • Implement user accounts (authentication and authorization) and a personal area with file storage
  • Something else we couldn't remember
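The second and third items above go together: the view stops taking a file path from the client, authorizes the request by an opaque job id, and hands the actual file to nginx via X-Accel-Redirect. The code below is an added example written for this page, not Matchering WEB's own file delivery module; MEDIA_ROOT, the /protected/ nginx location and the JOBS table are constructed assumptions, and Django is deliberately not imported so the example runs stand-alone (the returned status and headers are what a Django view would put on an empty HttpResponse). It also shows the pattern being removed, where the URL parameter is the path.

```python
from pathlib import Path, PurePosixPath

# Assumed layout (constructed for this example, not the project's real paths).
# Results are written under MEDIA_ROOT; nginx exposes that same directory only
# through an `internal` location, so a browser cannot request it directly:
#
#   location /protected/ {
#       internal;                      # reachable only via X-Accel-Redirect
#       alias /var/matchering/media/;  # trailing slashes matter with alias
#   }
MEDIA_ROOT = Path("/var/matchering/media")
INTERNAL_PREFIX = PurePosixPath("/protected")

# Constructed stand-in for the database table mapping a job id to its owner and
# result file. The client only ever sees the id, never a filesystem path.
JOBS = {
    "a1b2c3d4": {"owner": "alice", "file": "results/a1b2c3d4/master.wav"},
    # A row like this should never exist, but a bug or a tampered database
    # must still be contained by the view.
    "deadbeef": {"owner": "alice", "file": "../../etc/passwd"},
}


def inside_root(path):
    """True if `path` (after resolving `..` and symlinks) stays under MEDIA_ROOT."""
    try:
        Path(path).resolve().relative_to(MEDIA_ROOT.resolve())
        return True
    except ValueError:
        return False


def insecure_target(requested):
    """The pattern the page says to get rid of: the URL parameter *is* the path.

    pathlib drops MEDIA_ROOT entirely when the right operand is absolute and does
    not collapse `..`, so `/etc/passwd` and `../../etc/passwd` both escape.
    """
    return MEDIA_ROOT / requested


def download(job_id, user):
    """Authorize a download and return (status, headers); the body stays empty.

    In a Django view this becomes `resp = HttpResponse(status=status)` with
    `resp[h] = v` for each header; nginx then streams the file itself.
    """
    job = JOBS.get(job_id)
    if job is None:
        return 404, {}
    if job["owner"] != user:
        return 403, {}

    target = (MEDIA_ROOT / job["file"]).resolve()
    if not inside_root(target):
        # `..` or a symlink led outside MEDIA_ROOT: refuse rather than serve.
        return 403, {}
    relative = target.relative_to(MEDIA_ROOT.resolve())

    # Only safe characters reach the Content-Disposition header.
    name = "".join(c for c in target.name if c.isalnum() or c in "._-") or "download"
    return 200, {
        "X-Accel-Redirect": str(INTERNAL_PREFIX / relative.as_posix()),
        "Content-Type": "audio/wav",
        "Content-Disposition": f'attachment; filename="{name}"',
    }
```

The containment check runs on the stored path too, not only on client input: once the id is the only thing the client controls, the remaining risk is a bad row in the database, and `inside_root` keeps that from turning into an arbitrary-file read. With Apache the same view would set `X-Sendfile` to the absolute path instead of the internal URI.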

A good guide to this topic.
