Include Django SecurityMiddleware in middleware stack | Critiq Docs

#Metadata

Rule ID: py.security.django-security-middleware-missing
Severity: high
Confidence: 0.9
Languages: python
Presets: security, strict
Stability: stable
Applies to: block
Tags: configuration, django, python, rules-catalog, security

#Why it matters

Missing SecurityMiddleware can disable key hardening controls such as transport, header, and redirect protections.

#Remediation

Add `django.middleware.security.SecurityMiddleware` to `MIDDLEWARE` following Django ordering guidance.

#Repository path

The generated metadata points to critiq-rules/libs/rules/catalog/rules/python/py.security.django-security-middleware-missing.rule.yaml.

Back to directory Open rule in repository