Using Apache to serve Django project on RHEL (503 error) - django

I am a newbie to the whole website thing... Would really appreciate if you could give some help here...
What I want to do is host a Django project on a remote server (red hat, CentOS release 6.5)
I've been running test of the project on a remote server using the development server and port 8000:
python manage.py runserver *.*.*.*:8000 --insecure
In this case, the website works fine and accessible from other machines.
0 errors found
September 04, 2014 - 08:13:03
Django version 1.6.4, using settings 'mysite.settings'
Starting development server at http://*.*.*.*:8000/
Quit the server with CONTROL-C.
Now I want to put it in production, and I've chosen to use Apache http server and mod_wsgi. I have httpd and wsgi installed and activated. I changed the httpd.conf configuration file to:
Listen *:80 (I've also tried Listen *:8000 and Listen (IP address):8000)
#DocumentRoot "/var/www/html"
DocumentRoot "/testsite" (I put a plan html file under the directory just for test)
ServerName <here is the url of the site,with no port number>
However, when I try to open the webpage I am always having a 503 error:
Service Temporarily Unavailable
The server is temporarily unable to service your request due to maintenance downtime
or capacity problems. Please try again later.
Apache/2.2.3 (CentOS) Server at <site url> Port 80
I tried a couple of things (1) checked what's using the port 80:
~# sudo lsof -i :80
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
httpd 28732 root 4u IPv6 19802111 0t0 TCP *:http (LISTEN)
httpd 28734 apache 4u IPv6 19802111 0t0 TCP *:http (LISTEN)
httpd 28735 apache 4u IPv6 19802111 0t0 TCP *:http (LISTEN)
httpd 28736 apache 4u IPv6 19802111 0t0 TCP *:http (LISTEN)
httpd 28737 apache 4u IPv6 19802111 0t0 TCP *:http (LISTEN)
httpd 28738 apache 4u IPv6 19802111 0t0 TCP *:http (LISTEN)
httpd 28739 apache 4u IPv6 19802111 0t0 TCP *:http (LISTEN)
httpd 28740 apache 4u IPv6 19802111 0t0 TCP *:http (LISTEN)
httpd 28741 apache 4u IPv6 19802111 0t0 TCP *:http (LISTEN)
~# service httpd status
httpd (pid 28732) is running...
(2) restart the apache server:
service httpd restart
Stopping httpd: [ OK ]
Starting httpd: [ OK ]
(3) placed a plain .html in /var/www/html/testsite, the DocumentRoot directory for testing.
(4) I tried to run the django on a different port (such as 8008, 8001 and 80)
e.g. python manage.py runserver *.*.*.*:8008 --insecure
0 errors found
September 04, 2014 - 07:56:18
Django version 1.6.4, using settings 'mysite.settings'
Starting development server at http://*.*.*.*:8008/
Quit the server with CONTROL-C.
As shown above, in the terminal it looks like it's working , but I cannot even access the website from remote machines even using the development server. I tried different port numbers but only the port 8000 can be used. But why can I open the webpage on localhost when I change the port number? e.g. 127.0.0.1:8008 or 127.0.0.1:8080 will work.
I guess it can be the firewall setting, then I went to /etc/sysconfig/iptables, I found under the web section, there was only one line:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8000 -j ACCEPT
Then I added another line for testing:
-A INPUT -m state --state NEW -m tcp -p tcp --dport 8001 -j ACCEPT
Then tried the development again with port 8001. Again, it looks like it's woking on the remote server but not accessible from remote machines.
Sorry if I made this confusing and if I asked something really silly. Now, I have three questions that I really don't understand. First of all, the 503 error really annoys me. Even it shows the apache server is running (restart httpd is OK), nothing actually displays... Second of all, when using the development server why can I only use port 8000 but not any else? Finally, in the 503 error message, it shows apache runs on Port 80 even after I changed the Listen port to 8000 in the configuration file, why is this?
Thanks ahead for any help!

If that is your only configuration I don't see how Apache could be aware of your Django running 8000. There is no indication that you are making Apache to connect or proxy requests to running Django instance.
What you need to do is
Configure mod_wsgi for Apache
or
Configure fgci for Apache
You are free to choose any port with Django development server. You can configure the IP address and the port the development server listens to with command line parameters.
You can make the Django development server to listen all IP addresses, including public IP addresses on the server, as:
python manage.py runserver 0.0.0.0:8000
Also Apache logs can be read at /var/log/apache (or similar directory), so it should explain why you are getting 503.
I doubt iptables are not related to any way to your problem, but somehow Django development server is not listening to public IP address. You can easily try this by disabled iptables firewall on the server.

Related

Firewall restricting Django Server

I am running django server on my local ip (192.168.86.122:8000) but the windows firewall seems to block the connection.
Any suggestion would be really helpful.
Your network facing ports are probably blocked.
Either use localhost instead:
py manage.py runserver 127.0.0.1:8000
Or allow port 8000 on your windows firewall:
netsh firewall add portopening TCP 8000 "Django Dev Server"

How to run daphne in localhost with https and mkcert

I am trying to run a django-channels project locally using https (the app has a facebook login that requires https).
I have followed the instructions for generating a key and certificate using mkcert ( https://github.com/FiloSottile/mkcert ) and have attempted to use the key and certificate by running daphne -e ssl:443:privateKey=localhost+1-key.pem:certKey=localhost+1.pem django_project.asgi:application -p 8000 -b 0.0.0.0
The server seems to be starting OK however when I try to visit https://0.0.0.0:8000 nothing happens and eventually I get a 'took too long to respond' message.
No new output is added to the standard daphne output that appears when I start up the server:
2019-07-16 19:23:27,818 INFO HTTP/2 support enabled
2019-07-16 19:23:27,818 INFO Configuring endpoint ssl:8443:privateKey=../sec/localhost+1-key.pem:certKey=../sec/localhost+1.pem
2019-07-16 19:23:27,823 INFO Listening on TCP address 0.0.0.0:8443
2019-07-16 19:23:27,823 INFO Configuring endpoint tcp:port=8000:interface=0.0.0.0
2019-07-16 19:23:27,824 INFO Listening on TCP address 0.0.0.0:8000
Can anyone help with this?
You should map the 8000 host port to port 443 of the container while runnig the server.
docker run ... -p 8000:443 ...
Turns out that setting up the Twisted ssl stuff overrides the port that you're setting up in daphne, so in the example above, the site would be shown on port 443

port number not accessible when running webpack-dev-server

I have a centOS 7.2 box as my web server hosted in aws. I found something interesting : when I run my web site using a nginx docker container, I'm able to access it from my local machine. i.e. run docker command
docker run -d -p 8000:80 my-nginx-image
and access the web site through the below url (my local machine is connected to that aws host machine via a vpn connection)
http://10.77.20.253/index.html
This works perfectly well. However, when I try to host the site using webpack-dev-server, i.e.
webpack-dev-server --host 0.0.0.0 --port 8000
I can access it from that web server with no problem, but I can't access it from my local machine. I always get a timeout error.
I then did a
netstat -anp
on that linux box, I noticed that when running from docker, it is listening on
:::8000
while when I run from wds, it was listening on
0.0.0.0:8000
I'm not sure what i'm missing here, so far I have tried
webpack-dev-server --host localhost --port 8000
webpack-dev-server --host 127.0.0.1--port 8000
webpack-dev-server --host 10.77.20.253 --port 8000 (the internal ip address)
but none of them works.
Any thoughts on it??

Why can I connect to http://127.0.0.1:8000/ but not to http://192.168.1.6/

I'm running OS X Mountain Lion on a machine with local IP address 192.168.1.6 (as reported by both the Network utility and ifconfig) and am running a local (Django) development web server on port 8000 that I would like to connect to from a virtual machine running a guest OS on the same machine.
On the host OS (ie, OS X running on the metal of the machine w/ address 192.168.1.6) I can connect to my test web server through the browser by navigating to 127.0.0.1:8000; or localhost:8000; but not when using the machine's local IP address. Here's what makes this extra confusing:
The router is not filtering the ports; and, just to be sure, I've set it to explicitly forward ports 8000 and 22 to 192.168.1.6; And speaking of port 22,
When I start the SSH service, I can connect (from the command line) via ssh 192.168.1.6
It's not a browser issue, because I also can't telnet to 192.168.1.6 port 8000 (connection refused) while I can telnet to 127.0.0.1 port 8000, and I can also telnet to 192.168.1.6 port 22
The firewall is set to off (as reported in System Preferences) but to be extra safe, I've also set an ipfw rule to allow everything through
Here are the ipfw rules:
00100 allow tcp from any to any dst-port 8000
65535 allow ip from any to any
Here is additional confirmation that the port is, indeed, being listened to by my test server:
netstat -an | grep 8000
tcp4 0 0 127.0.0.1.8000 *.* LISTEN
so what's going on here? Somehow port 22 is being treated differently than port 8000, but every place I can think to look for those differences I can't find any. Why can't I get into this machine's port 8000 using its local ip address?
When you start Django development server you need to give the address explicitly:
python manage.py runserver 192.168.1.6:8000
Or if you want the server to run on all interfaces you can use:
python manage.py runserver 0.0.0.0:8000
In other case Django development server defaults to running on the local interface only.
The problem for me was I accidentally quit the server whenever trying to copy the server address. So instead of using ctrl+C just write down the address into your browser.
I solved the issue.There are a few things you might be missing.Listing them below-
1.Once it starts the server, do not press Ctrl+C anyhow .u might be pressing it to copy to url and that accidently closes the server due to which it might be happening.
2.instead of http://127.0.0.1:8000/ ...change the port number to http://127.0.0.1:8080/ ...That would work.
3.Try changing the firewall setting and allow the app.
4.Try opening it with different browsers and incognito too.
The above steps helped solve my issue.Hope they help u too...:)

Why does Gunicorn use port 8000/8001 instead of 80?

I busy setting up a development environment for Django Framework using Gunicorn (as Django service) and NGINX (as a Reverse Proxy).
When I look at several tutorials like this one and this one, I see that they use port 8000 and port 8001 (http://127.0.0.1:8000 and http://127.0.0.1:8001). Is there a special reason not to use port 80, like any other webserver?
Port 8000 is often used for radio streaming and malware, so why?
BTW: I am running it using Virtualenv on a Ubuntu 12.04 system.
All ports under 1024 are privileged ports. To bind to a privileged port requires root user permissions and typically you don't want to run gunicorn with root level permissions.
What's done instead is to allow nginx to bind to 127.0.0.1:80 and then proxy requests to port 80 to a non-privileged port like 8000 using an nginx configuration like:
server {
location / {
proxy_pass http://127.0.0.1:8000;
}
}
NGINX listens on port 80 and forwards to Gunicorn. Gunicorn operates on the 127.0.0.1 IP rather than 0.0.0.0, so it isn't listening publicly, and therefore the only way to access the site externally is through port 80.