I have deployed Django with Apache and mod_wsgi following the official documentation and other posts. While I have my site working I am concerned that I may have gotten my setup wrong. I'd like some advice on my setup and if it is following best practices. Please let me know if you see problems with this setup. Thanks, Lee
wsgi.py
import os
import sys
sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), "../../")))
sys.path.insert(0, os.path.abspath(os.path.join(os.path.dirname(__file__), "../")))
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "DjangoProject.settings")
from django.core.wsgi import get_wsgi_application
application = get_wsgi_application()
settings.py
...
ALLOWED_HOSTS = ['DjangoProject.example.com']
STATIC_ROOT = "/var/www/DjangoProject/static/"
STATIC_URL = '/static/'
....
/etc/apache2/apache2.conf - other settings are above this line
...
WSGIPythonPath /var/www/DjangoProject/DjangoProject:/var/www/DjangoProject/env/lib/python2.6/site-packages
/etc/apache2/httpd.conf - no other settings but this line deployed
WSGIPythonPath /var/www/DjangoProject:/var/www/DjangoProject/DjangoProject:/var/www/DjangoProject/env/lib/python2.6/site-packages
/etc/apache2/sites-available/default
NameVirtualHost *:8080
<VirtualHost *:8080>
ServerAdmin webmaster@localhost
DocumentRoot /var/www
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /var/www/>
Options Indexes FollowSymLinks MultiViews
AllowOverride None
Order allow,deny
allow from all
</Directory>
ScriptAlias /cgi-bin/ /usr/lib/cgi-bin/
<Directory "/usr/lib/cgi-bin">
AllowOverride None
Options +ExecCGI -MultiViews +SymLinksIfOwnerMatch
Order allow,deny
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
<VirtualHost *:80>
##############################
## DjangoProject WSGI ##
##############################
ServerName DjangoProject.example.com
Alias /favicon.ico /var/www/DjangoProject/DjangoProject/static/favicon.ico
AliasMatch ^/([^/]*\.css) /var/www/DjangoProject/MyApp/static/MyApp/css/$1
Alias /media/ /var/www/DjangoProject/DjangoProject/media/
Alias /static/ /var/www/DjangoProject/MyApp/static/
<Directory /var/www/DjangoProject/MyApp/static>
Order deny,allow
Allow from all
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 seconds"
ExpiresByType text/html "access plus 1 seconds"
ExpiresByType image/gif "access plus 10080 minutes"
ExpiresByType image/jpeg "access plus 10080 minutes"
ExpiresByType image/png "access plus 10080 minutes"
ExpiresByType text/css "access plus 60 minutes"
ExpiresByType text/javascript "access plus 60 minutes"
ExpiresByType application/x-javascript "access plus 60 minutes"
ExpiresByType text/xml "access plus 60 minutes"
ExpiresByType text/xml "access plus 60 minutes"
</IfModule>
</Directory>
<Directory /var/www/DjangoProject/DjangoProject/media>
Order deny,allow
Allow from all
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 seconds"
ExpiresByType text/html "access plus 1 seconds"
ExpiresByType image/gif "access plus 10080 minutes"
ExpiresByType image/jpeg "access plus 10080 minutes"
ExpiresByType image/png "access plus 10080 minutes"
ExpiresByType text/css "access plus 60 minutes"
ExpiresByType text/javascript "access plus 60 minutes"
ExpiresByType application/x-javascript "access plus 60 minutes"
ExpiresByType text/xml "access plus 60 minutes"
</IfModule>
</Directory>
WSGIDaemonProcess DjangoProject.example.com processes=2 threads=15 display-name=%{GROUP}
WSGIProcessGroup DjangoProject.example.com
WSGIScriptAlias /MyApp /var/www/DjangoProject/DjangoProject/wsgi.py
WSGIScriptAlias / /var/www/DjangoProject/DjangoProject/wsgi.py
<Directory /var/www/DjangoProject/DjangoProject>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
<IfModule mod_expires.c>
ExpiresActive On
ExpiresDefault "access plus 1 seconds"
ExpiresByType text/html "access plus 1 seconds"
ExpiresByType image/gif "access plus 10080 minutes"
ExpiresByType image/jpeg "access plus 10080 minutes"
ExpiresByType image/png "access plus 10080 minutes"
ExpiresByType text/css "access plus 60 minutes"
ExpiresByType text/javascript "access plus 60 minutes"
ExpiresByType application/x-javascript "access plus 60 minutes"
ExpiresByType text/xml "access plus 60 minutes"
</IfModule>
</Directory>
AddType audio/mpeg .mp1 .mp2 .mp3 .mpg .mpeg
</VirtualHost>
Setting:
DocumentRoot /var/www
as you have is dangerous for a start.
You should never set DocumentRoot directory to be a parent directory of where your Django project is being stored. If you stuff up other parts of your configuration it could result in your Django settings file being downloadable, including any database passwords.
Collected from the Internet
Please contact [email protected] to delete if infringement.
Comments