[jpulec]

I'm of the belief that you should reveal as little information as possible regarding your web stack. This alone indicates that they're running Django, although that could probably could have been guessed pretty easily considering it is Python.org . Also, from a security perspective, I would prefer to have the admin site only accessible from an internal network, perhaps on a subdomain, and require people to use a VPN to make any sort of admin changes.

[donaldstufft]

The entire site is Open Source. If you rely on obscurity for security then you've done it wrong.

VPN and the like would be nice but not hardly required.

[Pacabel]

He's not saying you should rely solely on obscurity for security. He's saying that, in addition to other basic security precautions, the use of obscurity is a good idea. The less a potential attacker knows, the better.

[rhizome31]

The reason for serving the admin under a non standard URL is rather to get rid of requests issued by robots who are not clever enough to realize it's open source. It's similar to not having your SSH server listening on port 22, which is a pretty common thing to do. Shouldn't be relied on for security, but it declutters log files.

[andymckay]

The stack is open https://github.com/proevo/pythondotorg

[rectangletangle]

It couldn't hurt, but you shouldn't have to rely on obscurity. Then again it's Python's home page, so it'd be pretty easy to guess that it's probably using Django (especially now that it supports 3). Also it's kind of a dick move to maliciously attack a project as beneficial as Python.

Also, does Ruby's official site run on rails?

[straws]

Jekyll, actually. Doesn't matter.