This document outlines the security improvements made to address CodeQL security issues.
- Issue: Admin credentials were hardcoded in
admin.py - Fix: Moved credentials to environment variables using
os.environ.get() - Environment Variables:
ADMIN_USERNAME: Admin username (defaults to 'admin')ADMIN_PASSWORD: Admin password hash (defaults to existing hash for backward compatibility)
- Issue: Using
random.choice()for selecting featured posts - Fix: Replaced with
secrets.choice()for cryptographically secure random selection
- Issue: Flask app was binding to
0.0.0.0which exposes the service to all network interfaces - Fix: Changed to bind to
127.0.0.1by default, configurable via environment variables - Environment Variables:
FLASK_HOST: Host to bind to (defaults to '127.0.0.1')FLASK_PORT: Port to bind to (defaults to 5000)
- Secret Key: Made configurable via
SECRET_KEYenvironment variable - Session Security: Added secure session configuration:
SESSION_COOKIE_SECURE: Set to True in productionSESSION_COOKIE_HTTPONLY: Set to True to prevent XSSSESSION_COOKIE_SAMESITE: Set to 'Lax' for CSRF protection
For production deployment, set these environment variables:
export SECRET_KEY="your-secret-key-here"
export ADMIN_USERNAME="your-admin-username"
export ADMIN_PASSWORD="your-hashed-password"
export FLASK_HOST="127.0.0.1" # Or appropriate host
export FLASK_PORT="5000"
export FLASK_ENV="production"All security issues have been verified as resolved using Bandit security scanner:
- No high, medium, or low severity issues detected
- All CWE vulnerabilities addressed
- Application tested and functioning correctly