diff options
| author | Elrond <elrond+mediagoblin.org@samba-tng.org> | 2013-04-30 00:24:45 +0200 |
|---|---|---|
| committer | Elrond <elrond+mediagoblin.org@samba-tng.org> | 2013-04-30 00:26:06 +0200 |
| commit | b835e15319882477e71c7b03db2c1565dd674a96 (patch) | |
| tree | 039df349daedd42202074f5d600531eeef962ee8 /docs/source/siteadmin/deploying.rst | |
| parent | 2e6ee596ad9dbc794979069f2f14b856db02343b (diff) | |
| download | mediagoblin-b835e15319882477e71c7b03db2c1565dd674a96.tar.lz mediagoblin-b835e15319882477e71c7b03db2c1565dd674a96.tar.xz mediagoblin-b835e15319882477e71c7b03db2c1565dd674a96.zip | |
Add warning about crypt/itsdangeroussecret.bin.
You should not leak that file, really.
Diffstat (limited to 'docs/source/siteadmin/deploying.rst')
| -rw-r--r-- | docs/source/siteadmin/deploying.rst | 14 |
1 files changed, 14 insertions, 0 deletions
diff --git a/docs/source/siteadmin/deploying.rst b/docs/source/siteadmin/deploying.rst index 77e60037..f2f71e01 100644 --- a/docs/source/siteadmin/deploying.rst +++ b/docs/source/siteadmin/deploying.rst @@ -345,3 +345,17 @@ Visit the site you've set up in your browser by visiting smaller deployments. However, for larger production deployments with larger processing requirements, see the ":doc:`production-deployments`" documentation. + + +Security Considerations +~~~~~~~~~~~~~~~~~~~~~~~ + +.. warning:: + + The directory ``user_dev/crypto/`` contains some very + sensitive files. + Especially the ``itsdangeroussecret.bin`` is very important + for session security. Make sure not to leak its contents anywhere. + If the contents gets leaked nevertheless, delete your file + and restart the server, so that it creates a new secret key. + All previous sessions will be invalifated then. |