[Fixed]-How can you tell if a site has been made with Django?


This is quite an old question, but I don’t see any canonical answers. As the other answers have noted though, there’s no sure-fire way to know, and if someone wanted to hide the fact that they’re using Django, they can. That said, you can always do a little detective-work and determine with some confidence whether it uses Django or not. If that’s your goal, here are some strong indicators you can look out for:

Admin Panel

First and foremost, check if the site has a /admin/ page. If it does, and it gives that familiar Django admin login page, you’re 99% sure (unless someone went through a lot of trouble to make it look like Django).


There are a number of things you can look out for in forms:

  • Form fields with id attributes starting with id_
  • Check for a hidden field with the name csrfmiddlewaretoken
  • If the site has a formset, check for -TOTAL-FORMS and -DELETE hidden inputs.


  • If the site uses the contrib.auth package for authentication, you will probably see a cookie called sessionid being set when you log in.
  • Forms will also probably set a cookie called csrftoken.

Trailing Slashes

Trailing slashes after URLs, and/or redirecting you to the page with a trailing slash if you try to go to one without it. This is Django’s default behavior, and to my knowledge not extremely common in other frameworks. Note, though, that it can be easily deactivated in Django.

Error Pages

Failing all this, or still not being convinced, you can try to force error pages, and try to learn something from that. Go to an unmapped URL with a 404 page, and see if DEBUG still happens to be true (in which case you should probably notify the owner that they’re not being very secure about their site).


You can try a few things, such as attempting to find error pages, and checking the default location of the administration panel that Django creates, but overall there’s no way to determine what technologies a given site is using.

See also: https://stackoverflow.com/questions/563316/is-there-a-generic-way-to-see-what-is-a-website-running-on/563335#563335


Look for the csrf input box. This is present on any forms. But this can be turned off though not very recommended. Also if it’s an old version of django this may not exist. But if it’s there it’s a strong indicator.

This is present on any page that have a post form. And it looks like this:

<input type='hidden' name='csrfmiddlewaretoken' value='3b3975ab79cec7ac3a2b9adaccff7572' />


Navigate to a page with a formset, and check if there are *-TOTAL_FORMS or *-DELETE hidden inputs.
That doesn’t prove that they are using Django, but might be a clue that they are (with the mentioned model formsets).



Try to navigate to some 404 error page, or something of that sort. Chances are slim, but try to find a default django error page.

You can also try to login to www.website.com/admin and see if you get the default django admin page.

Other than that, if that didn’t work, then you just can’t.


There are no reliable indicators to my knowledge but you could check the /admin/ URL to see if you get the standard admin app or sometimes the feed-URLs use a common prefix compared to a common suffix (although this might not be an indicator at all but just a preference of the developers).

Trying to trigger a debug page (either via a 404 or using some broken input that might case an internal error) might also be a good way (although this acts more as a test of competency of the original developers and admin than anything else ๐Ÿ™‚ )


Could you ask the airline and / or the furniture store? I’m guessing that you want to know if this company has good experience in django, I think it is reasonable to ask for references if you are considering working with them.

The other companies may be quite happy to discuss what technologies were used – some are and some aren’t, but it’s worth asking.


Leave a comment