
Fit4Cybersecurity is a self-assessment tool by CASES to help business owners implement a better cybersecurity strategy.

This tool allows instantiation of the following self-assessment websites:


Please read the CONTRIBUTING instructions.


The following instructions are detailed in the installation script.


$ sudo apt install gettext postgresql

$ sudo apt install make build-essential libssl-dev libbz2-dev \
    libreadline-dev libsqlite3-dev curl llvm libncurses5-dev libncursesw5-dev \
    xz-utils tk-dev libffi-dev liblzma-dev libxml2-dev libxslt-dev libpq-dev python3-openssl

# Pillow prerequisites for Ubuntu 16.04 LTS - 20.04 LTS:
$ sudo apt install libtiff5-dev libjpeg8-dev libopenjp2-7-dev zlib1g-dev \
    libfreetype6-dev liblcms2-dev libwebp-dev tcl8.6-dev tk8.6-dev python3-tk \
    libharfbuzz-dev libfribidi-dev libxcb1-dev

# To install WeasyPrint inside a virtualenv using wheels
$ sudo apt install libpango-1.0-0 libharfbuzz0b libpangoft2-1.0-0

Set up your Python environment

$ curl | bash
$ CONFIGURE_OPTS=--enable-shared pyenv install 3.10.0 # install latest stable Python with shared libraries support, only if you want to use mod_wsgi later.
$ pyenv global 3.10.0 # make this version default for the whole system
$ pyenv versions # check
$ curl -sSL | python -

Install the application

$ git clone
$ cd Fit4Cybersecurity
$ npm ci
$ poetry install --no-dev

Configure application

Create and configure a file csskp/ based on csskp/. Settings in the CUSTOM dictionary are discovered automatically by the software and can be used in HTML templates.

# Configure production settings:
$ cp csskp/ csskp/

# Create a virtualenv, collect static files and compile the translations:
$ poetry shell
$ python manage.py collectstatic # Copy static files required by Django Admin
$ python manage.py makemessages -a --keep-pot -e html,txt,py,json  # extract the translations
$ python manage.py compilemessages # Compile the translations

# Initialize the database:
$ sudo -u postgres createdb fit4cybersecurity  # Name of the database as in
$ python manage.py migrate

# Import questions, answers and recommendations:
$ python manage.py import_questions data/fit4cybersecurity/questions.json
# Optionally, import the context questions (they will be asked to the user before the survey starts):
$ python manage.py import_questions data/fit4cybersecurity/context-questions.json

# Create a user for the admin interface:
$ python manage.py createsuperuser --username <username>

In the configuration file, ensure that PUBLIC_URL and the other variables are configured for your instance.

You must really set your secret keys:

Here is an example for the Fernet hash key:

$ python
Python 3.10.0 (default, Oct  7 2021, 11:22:39) [GCC 10.3.0] on linux
Type "help", "copyright", "credits" or "license" for more information.
>>> from cryptography.fernet import Fernet
>>> Fernet.generate_key()

For the Django secret key, you can, for example, use get_random_string (from django.utils.crypto import get_random_string), at your convenience.
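The two key formats described above, as an added example (not code from the Fit4Cybersecurity project): a standard-library equivalent of Fernet.generate_key() and of a get_random_string-based Django key, plus checks that catch placeholder values before deployment. The function names are hypothetical, the Django thresholds are those of Django's security.W009 deployment check, and the distinct-byte test is a heuristic added here.

```python
import base64
import binascii
import secrets

# Same alphabet Django's get_random_secret_key() draws from.
DJANGO_KEY_CHARS = "abcdefghijklmnopqrstuvwxyz0123456789!@#$%^&*(-_=+)"


def new_fernet_key() -> bytes:
    """32 random bytes, URL-safe base64 encoded: the format Fernet.generate_key() returns."""
    return base64.urlsafe_b64encode(secrets.token_bytes(32))


def new_django_secret_key(length: int = 50) -> str:
    """Random string drawn with a CSPRNG, as get_random_string() does."""
    return "".join(secrets.choice(DJANGO_KEY_CHARS) for _ in range(length))


def fernet_key_problems(key) -> list:
    """Return the reasons why `key` is not usable as a Fernet key (empty list = OK)."""
    if isinstance(key, str):
        key = key.encode("ascii", errors="replace")
    try:
        raw = base64.urlsafe_b64decode(key)
    except (binascii.Error, ValueError):
        return ["not valid URL-safe base64"]
    if len(raw) != 32:
        return [f"decodes to {len(raw)} bytes, Fernet requires 32"]
    if len(set(raw)) < 16:  # heuristic (assumption): random keys have ~30 distinct bytes
        return ["too few distinct bytes, looks like a placeholder"]
    return []


def django_secret_key_problems(key: str) -> list:
    """Apply the thresholds of Django's deployment check security.W009."""
    problems = []
    if key.startswith("django-insecure-"):
        problems.append("starts with 'django-insecure-' (auto-generated dev key)")
    if len(key) < 50:
        problems.append(f"only {len(key)} characters, expected at least 50")
    if len(set(key)) < 5:
        problems.append("fewer than 5 unique characters")
    return problems


if __name__ == "__main__":
    print("Fernet key:", new_fernet_key().decode())
    print("Django secret key:", new_django_secret_key())
```

Run the two `*_problems` functions against the values in your configuration file before switching off debug mode; an empty list means the value passed every check.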

Run the application

$ python manage.py runserver # not for production

For production you can use Gunicorn (an example file for use with Nginx is provided in the contrib folder) or mod_wsgi and turn off the debug mode in the configuration file.

Configuration with Apache and mod_wsgi

$ sudo apt install apache2 apache2-dev # apxs2
$ wget
$ tar -xzvf 4.9.0.tar.gz
$ cd mod_wsgi-4.9.0/
$ ./configure --with-apxs=/usr/bin/apxs2 --with-python=/home/<user>/.pyenv/shims/python
$ make
$ sudo make install

Then in /etc/apache2/apache2.conf add the lines:

LoadFile /home/<user>/.pyenv/versions/3.10.0/lib/
LoadModule wsgi_module /usr/lib/apache2/modules/

Restart Apache:

sudo systemctl restart apache2.service

Create an Apache VirtualHost, then configure HTTPS properly. Below is an example:

sudo apt install certbot python3-certbot-apache
sudo certbot certonly --standalone -d
sudo a2enmod rewrite
sudo systemctl restart apache2.service

Deploy with a Dockerized environment (for development purposes)

$ whitelabel={NameOfWhitelabel} docker-compose up -d

{NameOfWhitelabel} - is the launching site name (e.g. fit4cybersecurity).

The server will be listening at

The login for the Django Admin interface will be admin and the password will be password.

Upgrading the application

$ cd Fit4Cybersecurity/
$ git pull origin master --tags
$ npm ci
$ poetry install --no-dev
$ poetry run python manage.py collectstatic
$ poetry run python manage.py migrate
$ poetry run python manage.py compilemessages

Restart Apache if needed.

Updating the translations

If you want to update the translations (in case you have changed the source code locally), you must first run:

$ python manage.py makemessages -a --keep-pot -e html,txt,py,json # extract the translations

Then you can use a tool like poedit to translate the strings and you can compile with the previously mentioned command.

If you want to re-generate the .pot template file:

$ python manage.py makemessages -a --keep-pot

Template customization per site

It is possible to customize specific templates for each available site. To do so, create a folder named after the value of the site_name config parameter and place it in the same directory as the original templates. The new template is loaded automatically if it exists; it can inherit from the parent template and override only its specific blocks.

Updating the OpenAPI Schema

If you have updated the API, you can generate a new OpenAPI Schema:

$ python manage.py generateschema --file static/survey/api/openapi-schema.yml


This software is licensed under GNU Affero General Public License version 3

Copyright (C) 2019-2022 SECURITYMADEIN.LU