There's no reason to make Django's /admin login page available to users in the Production or Staging environments. Staff are already authenticated, and/or can be added via command line by users with server access. No one should need to log in via /admin directly, so we shouldn't even let users try.
Description
Description
Status | Subtype | Assigned | Task | ||
---|---|---|---|---|---|
Open | None | T240169 Improve staff workflows | |||
Open | NirmalaSainsara | T245268 Block /admin login page in production & staging |
Event Timeline
Comment Actions
@NirmalaSainsara You have some feedback in your PR, do you need anything else from us to continue with this?