Our Commitment to Web Security

We take the security of your information seriously. Here are some of the general practices and principles we keep in mind to help protect data and ensure a safe browsing experience:

Django's Built-in Security Features

This site is built with the Django web framework, which is based on the Python programming language. Django is designed with security in mind and provides several protections against common web vulnerabilities by default.

  • Cross-Site Scripting (XSS) Protection: Django's template system, by default, escapes variables unless they are explicitly marked as safe. This helps prevent malicious scripts from being injected into pages and executed in users' browsers.
  • Cross-Site Request Forgery (CSRF) Protection: Django makes it easy to enable CSRF protection globally. This ensures that forms (POST requests) are genuinely submitted from your own site, protecting against actions being performed on a user's behalf without their consent. Our contact form utilizes this protection.
  • SQL Injection Protection: Django uses a built-in Object-Relational Mapper (ORM) for database interactions. This means that database queries are constructed safely, significantly reducing the risk of SQL injection vulnerabilities. While raw SQL queries are possible, they are not typically used in standard development and are handled with care when necessary.

    • General Web Security Principles

    Beyond specific form handling, we aim to follow general web security best practices:

    • Regular Updates: We keep our server software, Django framework, and any other dependencies updated to protect against known vulnerabilities.
    • Input Validation: We validate data submitted to our site to prevent common web attacks like SQL injection or Cross-Site Scripting (XSS), though for a simple contact form, the risks are managed primarily through Django's built-in protections.
    • Principle of Least Privilege: Our application and database users are configured with only the necessary permissions to perform their tasks.

    Cloudflare security

    The Cloudflare HTTP DDoS Attack Protection managed ruleset is a set of pre-configured rules used to match known DDoS attack vectors at layer 7 (application layer) on the Cloudflare global network. The rules match known attack patterns and tools, suspicious patterns, protocol violations, requests causing large amounts of origin errors, excessive traffic hitting the origin/cache, and additional attack vectors at the application layer. Cloudflare updates the list of rules in the managed ruleset on a regular basis. Refer to the changelog for more information on recent and upcoming changes. The HTTP DDoS Attack Protection managed ruleset is always enabled — you can only customize its behavior. The HTTP DDoS Attack Protection managed ruleset provides users with increased observability into L7 DDoS attacks mitigated by Cloudflare, informing users of ongoing or past attacks. The Security Events dashboard, available at Security > Events, will display information about the top HTTP DDoS managed rules.

    Your Role in Security

    While we do our part, your security also depends on your own practices:

    • Use strong, unique passwords for any online accounts.
    • Keep your browser and operating system updated.
    • Be cautious about links and attachments from unknown sources.

    This page provides a general overview. If you have specific security concerns, please feel free to reach out through our contact form.

    Return to Contact Page

    Customer Remarks

    Gordon changed out various light fixtures at our house and added a couple of lights in our bedroom. He is the best worker I've met. Not only was he on time but also was clean courteous and totally professional. A couple of times I asked him to relocate or change a fixture height and he was nothing but pleasant and showed a positive attitude. I know that next time we have electrical work to be done, he will definitely be our first consideration when we call someone. Outstanding! Sincerely, Antoinette Castle Pines Colorado

    - Antoinette

    I just wanted to let you know how happy my wife and I are with the electrical work that was done in our home. It included a complete upgrade and added services that we have talked about getting done for years . The electrician was Gordon and I feel that he did an outstanding job. He went out of his way to make sure all the customer needs were met. Even the inspector said that whoever did the electrical work had done exactly by the book. I would be happy to recommend Gordon to other people.

    - Art Edgarian

    Gordon Hampton did an excellent job for us when he helped us on our residential service change . He was prompt courteous with our customer and completed the job in a timely manner. His work was even noticed by the electrical inspector for going beyond the minimum code requirements. Gordon has a friendly personality and is easy to work with. We would definitely hire him again if the need arose . Sincerely Dave Warner, president

    - Dave Warner

    "Affordable and reliable. I'm very satisfied with the work done. My go-to electrician now!"

    - Bob K.