# Django Debug Mode in Production

- ID: django-debug-mode-production
- Severity: CRITICAL
- CWE: CWE-489
- Languages: Python
- Frameworks: django

## Description

Detects Django applications with `DEBUG = True` in settings. Debug mode exposes sensitive information including settings, environment variables, SQL queries, and stack traces. This must NEVER be enabled in production.

## Remediation

Load `DEBUG` from environment variables, defaulting to `False`.

```python
import os

# Debug stays off unless DJANGO_DEBUG is explicitly set to "true".
DEBUG = os.getenv('DJANGO_DEBUG', 'False').lower() == 'true'
# Hostnames this deployment is allowed to serve.
ALLOWED_HOSTS = ['example.com', 'www.example.com']
```

Learn more: https://shoulder.dev/learn/python/cwe-489/debug-mode

## Related Rules

- **Flask Debug Mode in Production** [HIGH]
- **Echo Debug Mode in Production** [MEDIUM]
- **Fiber Debug Mode in Production** [MEDIUM]
- **Gin Debug Mode in Production** [MEDIUM]
- **Debug Mode Enabled in Production** [MEDIUM]
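
A pre-deploy check for the pattern this rule describes, written as an added example and not the rule's own implementation. It flags a hardcoded truthy `DEBUG` and also the case where `DEBUG` is read from the environment but the fallback still turns it on. The function names and the sample settings strings are constructed for illustration.

```python
import ast

def _env_default(call):
    """Literal default passed to os.getenv(k, d) / os.environ.get(k, d), else None."""
    func = call.func
    if (isinstance(func, ast.Attribute) and func.attr in ("getenv", "get")
            and len(call.args) == 2 and isinstance(call.args[1], ast.Constant)):
        return call.args[1].value
    return None

def find_debug_findings(source):
    """Return [(line, reason)] for risky module-level DEBUG assignments."""
    findings = []
    for node in ast.parse(source).body:
        if isinstance(node, ast.Assign):
            targets = node.targets
        elif isinstance(node, ast.AnnAssign) and node.value is not None:
            targets = [node.target]
        else:
            continue
        if not any(isinstance(t, ast.Name) and t.id == "DEBUG" for t in targets):
            continue
        if isinstance(node.value, ast.Constant):
            if node.value.value:  # True, 1, "yes": any truthy literal enables debug
                findings.append((node.lineno, "DEBUG set to a truthy literal"))
            continue
        # Heuristic: an env lookup whose fallback is "true" leaves debug on
        # whenever the variable is missing from the deployment environment.
        for sub in ast.walk(node.value):
            if isinstance(sub, ast.Call) and str(_env_default(sub)).lower() == "true":
                findings.append((node.lineno, "env default enables DEBUG"))
    return findings

# Constructed sample settings files (not from any real project).
HARDCODED = "DEBUG = True\nALLOWED_HOSTS = []\n"
DEFAULT_ON = "import os\nDEBUG = os.getenv('DJANGO_DEBUG', 'True').lower() == 'true'\n"
REMEDIATED = (
    "import os\n"
    "DEBUG = os.getenv('DJANGO_DEBUG', 'False').lower() == 'true'\n"
    "ALLOWED_HOSTS = ['example.com', 'www.example.com']\n"
)

if __name__ == "__main__":
    for name, src in [("hardcoded", HARDCODED), ("default-on", DEFAULT_ON),
                      ("remediated", REMEDIATED)]:
        print(name, find_debug_findings(src))
```

The check is static and only sees module-level assignments in the file it is given; settings split across several modules need each file checked.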