Adjusting Django ● Use “secure” cookies — Set CSRF_COOKIE_SECURE and SESSION_COOKIE_SECURE to True import os CSRF_COOKIE_SECURE = os.getenv(‘SECURE_COOKIES’) == ‘yes’ SESSION_COOKIE_SECURE = os.getenv(‘SECURE_COOKIES’) == ‘yes’ ● https://docs.djangoproject.com/en/dev/topics/security/