So you’ve decided to learn how to build websites with Python and Django. Good choice.

This is a list of Django best practices I actively maintain. If you disagree with something, leave a comment below.

The Basics

  1. Use Pipenv to manage virtual environments
  2. Always use a custom user model
  3. Use a generic class-based view (GCBV) if possible, otherwise prefer class-based views to function-based views
  4. Use environment variables for everything “secret” like SECRET_KEY
  5. Use multiple settings files so DEBUG never runs in production
  6. Use Postgres locally with Docker.
  7. Have unit and integration tests. Everywhere. The more the better.


  • Use Pony Checkup for a one-step security check of your site
  • Always use the latest version of Django
  • Deploy with SSL/HTTPS
  • Change your admin URL to anything but /admin/
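
One way to combine items 4 and 5 with the HTTPS and admin URL points above is to derive the settings from the environment and refuse to start when a production value is missing. This is an added example, not code from the original post; the `DJANGO_*` variable names, `build_settings` and the `ADMIN_PATH` key are assumptions made for illustration.

```python
"""Added example: Django settings derived from the environment (not from the original post)."""
import os


class ImproperlyConfigured(Exception):
    """Stand-in for django.core.exceptions.ImproperlyConfigured so this runs without Django."""


def build_settings(env=os.environ):
    """Return a dict of setting names to values, failing closed on bad input."""
    secret = env.get("DJANGO_SECRET_KEY", "")            # assumed variable name
    if len(secret) < 50:
        raise ImproperlyConfigured("DJANGO_SECRET_KEY missing or shorter than 50 characters")

    # DEBUG is opt-in: anything other than an explicit "1" leaves it off.
    debug = env.get("DJANGO_DEBUG", "0") == "1"          # assumed variable name

    admin_path = env.get("DJANGO_ADMIN_PATH", "").strip("/")   # assumed variable name
    if not debug and admin_path in ("", "admin"):
        raise ImproperlyConfigured("set DJANGO_ADMIN_PATH to something other than admin/")

    hosts = [h.strip() for h in env.get("DJANGO_ALLOWED_HOSTS", "").split(",") if h.strip()]
    if not debug and not hosts:
        raise ImproperlyConfigured("DJANGO_ALLOWED_HOSTS must list at least one host")

    return {
        "SECRET_KEY": secret,
        "DEBUG": debug,
        "ALLOWED_HOSTS": hosts,
        "ADMIN_PATH": (admin_path or "admin") + "/",     # custom key, meant for urls.py
        # HTTPS-only behaviour whenever DEBUG is off.
        "SECURE_SSL_REDIRECT": not debug,
        "SESSION_COOKIE_SECURE": not debug,
        "CSRF_COOKIE_SECURE": not debug,
        "SECURE_HSTS_SECONDS": 0 if debug else 31536000,
    }


# Constructed sample environment, for illustration only.
SAMPLE_ENV = {
    "DJANGO_SECRET_KEY": "constructed-sample-key-" + "0123456789abcdef" * 3,
    "DJANGO_ADMIN_PATH": "staff-console",
    "DJANGO_ALLOWED_HOSTS": "example.com, www.example.com",
}

if __name__ == "__main__":
    for name, value in build_settings(SAMPLE_ENV).items():
        print(name, "=", "<hidden>" if name == "SECRET_KEY" else value)
```

In a real project the settings module could apply the result with `globals().update(build_settings())`, and `urls.py` could mount the admin at `settings.ADMIN_PATH`.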

3rd Party Packages