Isso is a lightweight Python comment server that is often embedded into static sites. Hardening it should focus on three areas: protecting the moderation and admin endpoints, tuning the anti-spam policy, and hardening the reverse proxy that fronts it.
¶ 1) Restrict admin and moderation endpoints
- expose moderation UI only behind authenticated reverse-proxy access
- keep Isso admin credentials strong and unique per deployment
- avoid direct internet exposure of management endpoints without TLS
¶ 2) Enforce anti-spam and moderation policy
- enable and tune Isso moderation thresholds and blacklist controls
- apply request rate limits and body-size limits at proxy layer
- review pending comments regularly to prevent delayed abuse publication
¶ 3) Secure filesystem and database state
- protect SQLite or external DB files with least-privilege filesystem access
- keep backups encrypted if comments include personal data
- patch Python runtime and Isso release versions on a regular cadence
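The admin-credential, moderation-threshold and database-permission items above can be checked mechanically before a deployment goes live. The following audit script is an added example written for this page, not code from the Isso project. It reads an Isso configuration with the standard library's configparser and uses the section and key names from Isso's documented server configuration ([admin] enabled/password, [moderation] enabled, [guard] enabled/ratelimit/reply-to-self, [general] dbpath); the two sample configurations, the list of placeholder passwords, the 16-character minimum and the ratelimit threshold of 5 are constructed assumptions for illustration, so adjust them to your own policy.

```python
import configparser
import stat
from pathlib import Path

# Constructed sample configuration showing the weak settings this audit flags.
WEAK_CFG = """
[general]
dbpath = /var/lib/isso/comments.db

[admin]
enabled = true
password = changeme

[moderation]
enabled = false

[guard]
enabled = true
ratelimit = 2
direct-reply = 3
reply-to-self = false
"""

# Constructed sample configuration with the same sections corrected.
HARDENED_CFG = """
[general]
dbpath = /var/lib/isso/comments.db

[admin]
enabled = true
password = correct-horse-battery-staple-1

[moderation]
enabled = true
purge-after = 30d

[guard]
enabled = true
ratelimit = 2
direct-reply = 3
reply-to-self = false
require-author = true
"""

# Assumption: obvious placeholder values that must never reach production.
PLACEHOLDER_PASSWORDS = {"", "changeme", "password", "admin", "isso"}
MIN_PASSWORD_LEN = 16      # assumption: local policy
MAX_RATELIMIT_PER_MIN = 5  # assumption: local policy for [guard] ratelimit


def audit_db_mode(mode: int) -> list[str]:
    """Flag a database file mode that grants group or other any access."""
    if mode & (stat.S_IRWXG | stat.S_IRWXO):
        return [f"dbpath: mode {oct(mode)} is accessible to group/others; expected 0o600"]
    return []


def audit_db_file(path: Path) -> list[str]:
    """Check the on-disk permissions of the SQLite database, if it exists."""
    if not path.exists():
        return [f"dbpath: {path} does not exist (permissions not checked)"]
    return audit_db_mode(stat.S_IMODE(path.stat().st_mode))


def audit_config(text: str, check_db: bool = True) -> list[str]:
    """Return a list of findings for an Isso configuration given as text."""
    cfg = configparser.ConfigParser()
    cfg.read_string(text)
    findings: list[str] = []

    # Admin interface: only the enabled interface needs a strong password.
    if cfg.getboolean("admin", "enabled", fallback=False):
        pw = cfg.get("admin", "password", fallback="")
        if pw in PLACEHOLDER_PASSWORDS or len(pw) < MIN_PASSWORD_LEN:
            findings.append("admin: interface enabled with placeholder or short password")

    # Moderation: without it, every new comment is published immediately.
    if not cfg.getboolean("moderation", "enabled", fallback=False):
        findings.append("moderation: disabled; comments are published without review")

    # Guard: Isso's built-in per-client rate limiting and reply rules.
    if not cfg.getboolean("guard", "enabled", fallback=False):
        findings.append("guard: disabled; built-in rate limiting is off")
    else:
        ratelimit = cfg.getint("guard", "ratelimit", fallback=2)
        if ratelimit > MAX_RATELIMIT_PER_MIN:
            findings.append(f"guard: ratelimit={ratelimit} comments/minute exceeds policy")
        if cfg.getboolean("guard", "reply-to-self", fallback=False):
            findings.append("guard: reply-to-self enabled; allows self-replying spam threads")

    # Filesystem: the SQLite file should be readable only by the Isso user.
    if check_db:
        findings.extend(audit_db_file(Path(cfg.get("general", "dbpath", fallback=""))))
    return findings


if __name__ == "__main__":
    for name, text in (("weak", WEAK_CFG), ("hardened", HARDENED_CFG)):
        print(f"{name}:", audit_config(text) or ["no findings"])
```

Run it against a real `isso.cfg` by passing `Path("isso.cfg").read_text()` to `audit_config`; with `check_db=True` it also stats the configured `dbpath`, so run it on the host where Isso stores its database.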
- Isso project site: https://isso-comments.de/
- Isso source repository: https://github.com/isso-comments/isso