I built a simple page with Django from this tutorial https://wsvincent.com/django-image-uploads/.
How do I enable https on it so that the uploaded posts can not be seen in the clear on the network?
I currently not running apache, tomcat or Nginx but can if that is the only way.
I read the SSL/HTTPS of the Django documentation https://docs.djangoproject.com/en/2.1/topics/security/#ssl-https on Django security but is that something I configure within the Django framework or are those settings for a web server like Apache.
Thank you.
Have you used or heard of CloudFlare? (for speed but also a free enabling of HTTPS)
Link: https://www.cloudflare.com/lp/overview-x/?_bt=308976257739&_bk=cloudflare&_bm=e&_bn=g&_bg=58800278543&_displaycampaign=&gclid=EAIaIQobChMIhtfCr7CJ4gIVzbHtCh38jwvKEAAYASAAEgKnOPD_BwE
You simply enter the URL of your website (if it is all set up) and then enable HTTPS. Read their terms and conditions of course, but it is fantastic.
Related
I have made a project in the framework Django and I am setting up SSL encryption so it gets https instead of http and removes the safety sign in browsers. In the installation process of Certbot I am asked which software it is running. Django is sadly not an option. I've heard that Django often gets under the category Apache or Nginx, but I am not sure which one my Django project is.
It is an Ubuntu server.
https://certbot.eff.org/
https://letsencrypt.org/getting-started/#with-shell-access
The answer is any of them. I believe you have 2 options, install certbot-django or stop django server and let certbot to create a certificate for you, and then adapt it to django appropriately.
Django is neither.
Apache or Nginx is the web server that will serve your Django application - Django has no bearing or opinion on that.
You just need to figure our which webserver you're using and go from there. If you haven't already set up the webserver then you'll need to pick one and follow a tutorial to set it up.
For example, here's how to set up Nginx with Django. But please do your own research on which one is best for you and your situation. An alternative to both could be Caddy for example.
I've got a little Django site in which users can link to images on other sites in their comments. It's by no means a core feature.
I've just moved the entire site to SSL. That has worked fine for the most part but remote images are obviously not always going to be available over SSL. Only the slightest number of domains have valid certificates.
What's the best way to funnel images through then?
Download them when the user posts and alter the URL to a local one?
Make a proxy that just proxies another URL?
The second seems like less work (I feel like it would be possible just with NGINX rules) but that it would also open the site up to people using my proxy for their own nefarious gain... Which I'd like to avoid.
What's the best compromise here?
Github ran into this same issue when they moved to HTTPS everywhere and detailed it in their blog: https://github.com/blog/743-sidejack-prevention-phase-3-ssl-proxied-assets
Their solution was to create a proxy server which they open sourced as https://github.com/atmos/camo To address the same concerns about abuse of the proxy it is deployed with a shared secret with the application server. Integrating this would a Django project would be straight forward as you would just need to generate the digest from the shared key for the given image url.
I'm new to mezzanine and Django. I have set up a site, everything is working but I can only launch the server on "development". I would like to access de site on the port 80 on the internet instead of internally, as I have no way other than redirecting the port via SSH to access it. I would like to know how to do that.
And another question, is Nginx included with Mezzanine automatically ? Cause I have a tuned up Nginx server there and I'm not sure what I need to do, if run it with my existing Nginx server or with the one included with Django if that is how it works .... thank you for bring some light on this.
NGINX is not included with Mezzanine, it's an entirely separate piece of software, similar to Apache.
Mezzanine includes a fabric script which can automatically set up a production server if you'd like to use it, and will install NGINX on the server for you, among many other things.
Given your question, I can't recommend enough that you read and understand all the related documentation on this topic. Start with the Mezzanine link below, it references many other documentation sites - Django, Fabric, NGINX, plus more.
Enjoy the adventure: http://mezzanine.jupo.org/docs/deployment.html
I'm a complete newbie when it comes to sysadmin/deployment. Here's what I'm hoping to accomplish:
Have domain.com be a normal WordPress site.
Have either domain.com/app or app.domain.com be a Django webapp.
Hosting on Linode.
Quick and easy updates of the Django webapp code.
From what I can tell, gunicorn is an elegant way to serve the Django webapp, while WordPress fits most naturally with Apache. Meanwhile, nginx is recommended as a proxy in front of gunicorn and also seems to be used to improve performance of WordPress sites.
So what I'm thinking is: use nginx as a proxy server that routes all incoming web requests to either gunicorn (for the Django wepapp) or Apache (for the WordPress site). The Linode host would be running nginx, gunicorn, and Apache simultaneously.
Meanwhile, for updates of the Django webapp, I can simply update to the latest version of the code via github.
Does all that make sense? Am I even understanding things conceptually correctly? Or barking up the wrong tree entirely? (For instance can/should I just use a single Apache server to route requests to either WordPress or the Django app based on URL?) What gotchas and issues should I keep in mind as I research how to get this running nice and smoothly?
UPDATE: I've side-stepped all of this by (1) using Heroku to host my Django app, (2) using a CNAME record to map app.domain.com to the Heroku-hosted Django app, and (3) leaving (for now) the WordPress site on its existing host at domain.com. Thankfully, after gaining great new respect for what sysadmins and db admins do as I investigated all this, now I can get back to coding!
#Ghopper21
+1 for your question first.
Now, This is really interesting to know how it's possible in real time execution. I checked with some of my geek friends and I found tremendous response, here are some of suggestion with reference I got after brainstorming with them.
First of all check this link for deploying & running WP altogether with Django on Nginx +uWSGI...
These two threads of support forums from Webfaction.com gives you more idea about how they are recommending it to their client...
Deploying Django and Wordpress in same domain
wordpress + django on same account - advisable or not?
Hey, I got one support ref. of Stack Overflow itself, which is explaining how to achieve it on APACHE server...
How do I run Django and PHP together on one Apache server?
And last but not least, the one where a geek like us integrated WP with Django...
Integrate WordPress and Django
So I have a domain, lets call it patrick.net. I also have a remote server at some IP address, let's say 123.435.789.000. Developing a Django framework and have all of the URLs set up. How do I make the transition from http://localhost:8000/profile to http://patrick.net/profile?
If you're hosting the application on your own server, you should review the Django docs on deployment: https://docs.djangoproject.com/en/dev/howto/deployment/ There's a lot of variables in terms of what your system setup will look like, so there's no easy answer.
If your needs are less complex, I'd recommend a more managed solution like Webfaction or Heroku