Hi PythonAnywhere folks - I see that for Postgres, I have the option of using 12.2, but I'd really like to use 12.9 because of the vulnerabilities in 12.2: https://www.postgresql.org/support/security/CVE-2021-23214/
Does anyone know how I can either do this upgrade myself, or arrange for it to be done? I haven't started work on my database, so right now this is all greenfield.
Unfortunately the version of Postgres that we provide isn't something we can upgrade for you, though of course we will offer more recent versions in the future.
The good news is that because Postgres instances on PythonAnywhere are only accessible from within our own network, you should be safe against that specific vulnerability, which requires a man-in-the-middle attack.
Hi giles, thanks for the reply. I was also hoping to use cookiecutter-django, which only gave me the option of 12.9, but I also see that it requires Redis ... which they do have some recommendations on (specifically because they have PA deployment instructions for the project, yay!) but I don't want to get that complicated. I'm going to roll my own Django and just pull best practices from that cookiecutter. TYVM, and happy day-after-Christmas/Boxing Day/etc. wherever you are!
Glad to help!
As you have a paid account, if you'd like to use redis, you can get an instance from Redis Labs -- they have a range of options from free up to quite powerful paid ones, and if you provision it in the AWS us-east-1 availability zone it will be close to our servers, so it should be pretty quick.
And a very happy Boxing Day to you too!
Mostly, it's about complication. I'm working on something very simple, probably a 1-2 user site (really, for my own use) and Redis seems like just one more component to manage ... and thus, overkill. So I'm just gonna keep things more barebones than that for now.
OK -- makes sense!
torybenya1
|
3
posts
|
giles
|
11800
posts
|
PythonAnywhere staff
|
