Open Source Web Frameworks : Security

Posted by trappedIntoCode on Stack Overflow See other posts from Stack Overflow or by trappedIntoCode
Published on 2009-04-27T15:11:39Z Indexed on 2010/04/28 9:23 UTC
Read the original article Hit count: 571

How secure are popular open source web frameworks?

I am particularly interested in popular frameworks like Rails and DJango.

If I am building a site which is going to do heavy e-commerce, is it Ok to use frameworks like DJango and Satchmo?

Is security compromised because their open architecture ?

I know being OS does not mean being down right open to hackers, Linux uses superb authentication mechanism, but web is a different game.

What can be done in this regard?

UPDATE:

Thanks for answers guys.

I understand that I will have to find a suitable hosting service for a secure e-commerce application and that additional layers of security will be needed.

I understand that Django and Rails have been designed keeping security aspects in mind, the most common form attacks like XSS, Injections etc. (Django book has a ch on Security)

I was expecting comments from security Gurus. If you are a security Guru, would you recommend an important site, which is likely going to be popular, to be built on DJango or Rails?

© Stack Overflow or respective owner

Related posts about web-frameworks

Related posts about open-source