I'm deploying a Django 1.5 with two sites, each one is independent from the other one (each one has its own database), but these two sites are subdomains: one is new.mydomain.com and the other dev.mydomain.com. I'm using Apache with mod_wsgi.
The problem is: I'm Authenticating against Django’s user database from Apache correctly, but when I try to use Django groups with the Apache authentication I get the following situation:
I can login to one of the subdomains e.g. new without problems, but if I try to login to the other one (dev) I can't. Apache says that the user isn't in the allowed groups. Then if I restart Apache and try to login to dev (which was impossible before) then there is no problem here, but now it's impossible to login with the other subdomain new!
To sum up: I can't login to the two sudomains at the same time, no matter which (allowed) users I use.
The virtualhost for new subdomain is (the other one looks like this one changing paths):
<VirtualHost *:80>
ServerName new.mydomain.com
ServerAlias www.new.mydomain.com
ServerAdmin caumons#gmail.com
Alias /robots.txt /var/www/sites/master/EurekaStart.git/EurekaStart/robots.txt
Alias /favicon.ico /var/www/sites/master/EurekaStart.git/EurekaStart/static_collected/img/favicon.ico
Alias /static/ /var/www/sites/master/EurekaStart.git/EurekaStart/static_collected/
<Directory /var/www/sites/master/EurekaStart.git/EurekaStart/static_collected>
Order deny,allow
Allow from all
</Directory>
Alias /media/ /var/www/sites/master/EurekaStart.git/EurekaStart/media/
<Directory /var/www/sites/master/EurekaStart.git/EurekaStart/media>
Order deny,allow
Allow from all
</Directory>
WSGIDaemonProcess eureka-startups.com python-path=/var/www/sites/master/EurekaStart.git:/var/www/sites/master/EurekaStart.git/env/lib/python2.7/site-packages
WSGIProcessGroup eureka-startups.com
WSGIScriptAlias / /var/www/sites/master/EurekaStart.git/EurekaStart/wsgi.py
<Directory /var/www/sites/master/EurekaStart.git/EurekaStart>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
</Directory>
<Location "/">
AuthType Basic
AuthName "Enter your guest user & password"
Require group guest
Require valid-user
AuthBasicProvider wsgi
WSGIAuthUserScript /var/www/sites/master/EurekaStart.git/EurekaStart/wsgi.py
WSGIAuthGroupScript /var/www/sites/master/EurekaStart.git/EurekaStart/wsgi.py
</Location>
ErrorLog /var/www/sites/master/EurekaStart.git/logs/apache/error.log
TransferLog /var/www/sites/master/EurekaStart.git/logs/apache/access.log
</VirtualHost>
The wsgi.py file for new subdomain looks like (the wsgi file for dev is exactly like this one):
import os
import sys
from django.core.handlers.wsgi import WSGIHandler
# We need to add the site's root path to sys.path when using Django Authentication for WSGI
SITE_PKG_PATH = os.path.abspath(os.path.dirname(__file__))
SITE_ROOT_PATH = os.path.abspath(os.path.join(SITE_PKG_PATH, '..'))
sys.path.append(SITE_ROOT_PATH)
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "EurekaStart.settings")
# This import MUST be done after setting `DJANGO_SETTINGS_MODULE`
import django.contrib.auth.handlers.modwsgi as modwsgi
def check_password(environ, user, password):
return modwsgi.check_password(environ, user, password)
def groups_for_user(environ, user):
return modwsgi.groups_for_user(environ, user)
application = WSGIHandler()
UPDATE 1:
Many thanks to#GrahamDumpleton :)
I've updated the apache config files and the way I was setting DJANGO_SETTINGS_MODULE. Now, the configuration regarding WSGI for Apache looks like:
In new site:
WSGIDaemonProcess eureka-startups.com python-path=/var/www/sites/master/EurekaStart.git:/var/www/sites/master/EurekaStart.git/env/lib/python2.7/site-packages
WSGIProcessGroup eureka-startups.com
<Location "/">
AuthType Basic
AuthName "Enter your guest user & password"
AuthBasicProvider wsgi
Require group guest
Require valid-user
WSGIAuthUserScript /var/www/sites/master/EurekaStart.git/EurekaStart/wsgi.py application-group=eureka-startups.com
WSGIAuthGroupScript /var/www/sites/master/EurekaStart.git/EurekaStart/wsgi.py application-group=eureka-startups.com
</Location>
In dev site:
WSGIDaemonProcess dev.eureka-startups.com python-path=/var/www/sites/dev/EurekaStart-dev.git:/var/www/sites/dev/EurekaStart-dev.git/env/lib/python2.7/site-packages
WSGIProcessGroup dev.eureka-startups.com
<Location "/">
AuthType Basic
AuthName "Eureka-Startups staff members only"
AuthBasicProvider wsgi
Require group dev
Require valid-user
WSGIAuthUserScript /var/www/sites/dev/EurekaStart-dev.git/EurekaStart/wsgi.py application-group=dev.eureka-startups.com
WSGIAuthGroupScript /var/www/sites/dev/EurekaStart-dev.git/EurekaStart/wsgi.py application-group=dev.eureka-startups.com
</Location>
How are you setting SESSION_COOKIE_DOMAIN?
https://docs.djangoproject.com/en/dev/ref/settings/#session-cookie-domain
and SESSION_COOKIE_NAME?
https://docs.djangoproject.com/en/dev/ref/settings/#session-cookie-name
Are they the same for both sites? The one for the domain should at least refer to the sub domain and not the main domain.
UPDATE 1
Instead of:
WSGIAuthUserScript /var/www/sites/master/EurekaStart.git/EurekaStart/wsgi.py
WSGIAuthGroupScript /var/www/sites/master/EurekaStart.git/EurekaStart/wsgi.py
use:
WSGIAuthUserScript /var/www/sites/master/EurekaStart.git/EurekaStart/wsgi.py application-group=new.mydomain.com
WSGIAuthGroupScript /var/www/sites/master/EurekaStart.git/EurekaStart/wsgi.py application-group=new.mydomain.com
The Python code run by WSGIAuthUserScript and WSGIAuthGroupScript always runs in the Apache child worker processes, never in daemon mode process where the main web application is.
More of a problem in your case is that by default the code runs in the main interpreter (application group) context. Because you have two sites, the code will not be separated.
By using application-group option on those directives, you can force the code for each separate site to run in different sub interpreters of the process they run in. Use a different value for application-group for the other site.
You also cannot use:
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "EurekaStart.settings")
you must use:
os.environ["DJANGO_SETTINGS_MODULE"] = "EurekaStart.settings"
Using dict.setdefault() causes problems when used by more than one site in the same process, even though in different sub interpreters. For more details see:
http://blog.dscpl.com.au/2012/10/requests-running-in-wrong-django.html
Related
In my apache.conf file (see code below°), VirtualHost port 80 configuration works fine. However, in the port 443, the Alias /admin/media/ /usr/local/lib/python2.7/site-packages/django/contrib/admin/media/ shows two issues:
my settings.py has : STATIC_URL = '/m/' and ADMIN_MEDIA_PREFIX = STATIC_URL + 'admin/'
my admin directory is : /home/user/project/virtual-environment/lib/python2.7/site-packages/django/contrib/admin/static/admin/
When I put Alias /m/admin/ /home/user/project/virtual-environment/lib/python2.7/site-packages/django/contrib/admin/static/admin/ it shows error 403 access forbidden.
When I add:
<Directory "/home/user/project/virtual-environment/lib/python2.7/site-packages/django/contrib/admin/static/admin/">
Require all granted
</Directory>
<Directory "/home/user/project/">
<Files django.wsgi>
Require all granted
</Files>
</Directory>
It shows error 404 not found with error_log saying :[wsgi:error] Target WSGI script '/home/user/project/django.wsgi' does not contain WSGI application 'application'
Could you please help me configure my apache virtualhost port 443 to server django admin app?
°My apache.conf file is as below:
#The following two directories must be both readable and writable by apache
WSGISocketPrefix /var/run/apache2/wsgi
#WSGIPythonEggs /var/python/eggs
# the following directory must be readable by apache
WSGIPythonHome /home/user/project/virtual-environment/local/
# NOTE: all urs below will need to be adjusted if
# settings.FORUM_SCRIPT_ALIAS is anything other than empty string (e.g. = 'forum/')
# this allows "rooting" forum at http://domain-name/forum, if you like
#replace default ip with real IP address
<VirtualHost *:80>
ServerAdmin you#domain-name
DocumentRoot /home/user/project/
ServerName domain-name
# aliases to serve static media directly
Alias /m/ /home/user/project/static/
Alias /upfiles/ /home/user/project/askbot/upfiles/
<DirectoryMatch "/home/user/project/askbot/skins/([^/]+)/media">
Require all granted
</DirectoryMatch>
<Directory "/home/user/project/askbot/upfiles">
Require all granted
</Directory>
<Directory "/home/user/project/ask-skins">
Require all granted
</Directory>
<Directory "/home/user/project//static">
Require all granted
</Directory>
#must be a distinct name within your apache configuration
WSGIDaemonProcess askbot2 python-path=/home/user/project:/home/user/project/virtua-environment/lib/python2.7/site-packages
WSGIProcessGroup askbot2
WSGIScriptAlias / /home/user/project//django.wsgi
<Directory "/home/user/project/">
<Files django.wsgi>
Require all granted
</Files>
</Directory>
# make all admin stuff except media go through secure connection
<LocationMatch "/admin(?!/media)">
RewriteEngine on
RewriteRule /admin(.*)$ https://domain-name/admin$1 [L,R=301]
</LocationMatch>
CustomLog /var/log/apache2/domain-name/access_log common
ErrorLog /var/log/apache2/domain-name/error_log
LogLevel debug
</VirtualHost>
#again, replace the IP address
<VirtualHost *:443>
ServerAdmin you#domain-name
DocumentRoot /home/user/project/
ServerName domain-name
<LocationMatch "^(?!/admin)">
RewriteEngine on
RewriteRule django.wsgi(.*)$ http://domain-name$1 [L,R=301]
</LocationMatch>
SSLEngine on
#your SSL keys
SSLCertificateFile /etc/httpd/ssl.crt/server.crt
SSLCertificateKeyFile /etc/httpd/ssl.key/server.key
Alias /admin/media/ /usr/local/lib/python2.7/site-packages/django/contrib/admin/media/
WSGIScriptAlias / /home/user/project/django.wsgi
CustomLog /var/log/httpd/askbot/access_log common
ErrorLog /var/log/httpd/askbot/error_log
</VirtualHost>
My django.wsgi file is as below :
import os
import sys
import time
import traceback
import signal
current_directory = os.path.dirname(__file__)
parent_directory = os.path.dirname(current_directory)
module_name = os.path.basename(current_directory)
sys.path.append(parent_directory)
sys.path.append(current_directory)
os.environ['DJANGO_SETTINGS_MODULE'] = '%s.settings' % module_name
from django.core.wsgi import get_wsgi_application
try:
application = get_wsgi_application()
print 'WSGI without exception'
except Exception:
print 'handling WSGI exception'
# Error loading applications
if 'mod_wsgi' in sys.modules:
traceback.print_exc()
os.kill(os.getpid(), signal.SIGINT)
time.sleep(2.5)
You have a number of things wrong or sub optimal with your configuration.
The first is that when using mod_wsgi daemon mode and have only the one application, it is recommended you force use of the main Python interpreter context. This avoids problems with some third party Python modules that do not work with Python sub interpreters. To do this, add:
WSGIApplicationGroup %{GLOBAL}
to both VirtualHost definitions.
The second is that your SSL VirtualHost is not delegating the WSGI application to run in the same mod_wsgi daemon process group as non SSL VirtualHost defines. You need to add to the SSL VirtualHost:
WSGIProcessGroup askbot2
There is no need to add a WSGIDaemonProcess directive to the SSL VirtualHost as it is piggy backing off that setup in non SSL VirtualHost to avoid multiple copies of application. Right now you have an even bigger problem in that the SSL variant is running in embedded mode, with is even less desirable scenario.
The third is that when setting up a Python virtual environment, you should use the python-home option to refer to the root of the Python virtual environment and not use python-path to refer to site-packages. For details on that see:
http://modwsgi.readthedocs.io/en/develop/user-guides/virtual-environments.html
The fourth problem is how you are dealing with Django initialisation failing. There is no need to to use the try/except around creating the WSGI application object. What you should do if using mod_wsgi daemon mode is use a modern mod_wsgi version (not likely the ancient version your OS packages provide), and set the startup-timeout option on the WSGIDaemonProcess directive. That option will automatically force a restart of process if WSGI script file fails to load within a certain time. For details on that option see:
http://modwsgi.readthedocs.io/en/develop/configuration-directives/WSGIDaemonProcess.html
If you are not going to do that, you at least need to add a raise to the except part so that the exception is propagated back to mod_wsgi so it knows the WSGI script file couldn't be loaded. if you don't, mod_wsgi thinks the WSGI script file was loaded fine, but then when it looks for application can't find it and so generates a 404 response and the error your see.
I have a dedicated server using Apache to listen to nine non standard ports (8xxx) which are supplying API services over SSL. Ports 80 and 443 are used to serve static content and an 'overwatch' service that indicates the status of the other services.
After a few days, the services start to fail because it appears that Apache is directing the service requests to the overwatch service rather than to the intended service. Restarting Apache fixes this issue until it happens again.
The services are implemented using wsgi.
There is a legacy pyramid API service configured as follows:
WSGIApplicationGroup %{GLOBAL}
WSGIPassAuthorization On
WSGIDaemonProcess pyramid user=ubuntu group=ubuntu threads=4 \
python-path=/home/ubuntu/ev_mis/lib/python2.7/site-packages
WSGIScriptAlias /mis /home/ubuntu/ev_mis/mis.wsgi
<Directory /home/ubuntu/ev_mis>
WSGIProcessGroup pyramid
Order allow,deny
Allow from all
</Directory>
The other eight API services use Django and are configured like this:
# Built automatically on Wed Sep 25 13:59:51 2013
Listen 8325
<VirtualHost _default_:8325>
DocumentRoot /usr/local/services/h/rb/mis/mis_site/mis_site
Alias /media /usr/local/services/h/rb/mis/mis_site/mis_site/media
Alias /static /usr/local/services/h/rb/mis/mis_site/mis_site/assets
<Directory /usr/local/services/h/rb/mis/mis_site/mis_site>
Order allow,deny
Allow from all
</Directory>
SetEnv DJANGO_SETTINGS_MODULE mis_site.settings.h
WSGIScriptAlias / /usr/local/orb_services/h/rb/mis/mis_site/mis_site/mis_site/wsgi.py
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/domain.crt
SSLCertificateKeyFile /etc/apache2/ssl/domain.key
SSLCertificateChainFile /etc/apache2/ssl/chain.crt
SSLOptions +StrictRequire
</VirtualHost>
Finally there is the overwatch service configuration:
<VirtualHost *:80>
DocumentRoot /var/www
Alias /static /var/www/static
<Directory /var/www/>
Order allow,deny
Allow from all
</Directory>
Alias /thumbnails /var/www/thumbnails
<Directory /var/www/thumbnails>
Order allow,deny
Allow from all
</Directory>
WSGIScriptAlias / /var/www/overwatch/overwatch/wsgi.py
ErrorLog ${APACHE_LOG_DIR}/error.log
# Possible values include: debug, info, notice, warn, error, crit,
# alert, emerg.
LogLevel warn
CustomLog ${APACHE_LOG_DIR}/access.log combined
</VirtualHost>
This is an example wsgi.py file:
import os
from os.path import abspath, dirname
from sys import path
from os import environ
SITE_ROOT = dirname(dirname(abspath(__file__)))
path.append(SITE_ROOT)
from django.core.wsgi import get_wsgi_application
def application(req_environ, start_response):
environ["DJANGO_SETTINGS_MODULE"] = req_environ.get("DJANGO_SETTINGS_MODULE",
environ.get("DJANGO_SETTINGS_MODULE",
None))
return get_wsgi_application()(req_environ, start_response)
For example: https://example.com/ yields the overwatch status table and https://example.com:8123/data/ yields service data on one of the services.
Analysis reveals that apache has mis-directed the call to the overwatch service. For example https://example.com:8123/data/ now yields page not found the debug trace reveals that it has been served by the overwatch wsgi service.
Once this happens, it happens consistently until I restart the apache service. Then everything is fine for a few days until it happens again. Apache does not report any configuration issues and starts/restarts fine.
Currently the server is only experiencing very light test traffic but it is scheduled to go live soon and I have no idea how to address this issue... short of perhaps biting the bullet and delaying launch while I reconfigure the whole thing to use nginx/gunicorn instead of apache which feels like a cop out.
A few comments.
You should not set DocumentRoot to a directory above where your project code is. If you were to inadvertently comment out the WSGIScriptAlias, all your project code, including the settings file with database passwords could be downloaded by someone.
You can't use 'SetEnv DJANGO_SETTINGS_MODULE mis_site.settings.h' in Apache to specify where the Django settings module is. It needs to be set in the wsgi.py file.
Why aren't you using daemon mode of mod_wsgi for your Django sites as well? You would be running multiple instances in sub interpreters of the one process and if you aren't configuring Django correctly, that could result in requests being handled by the wrong application. See http://blog.dscpl.com.au/2012/10/requests-running-in-wrong-django.html
UPDATE 1
Instead of using:
from django.core.wsgi import get_wsgi_application
def application(req_environ, start_response):
environ["DJANGO_SETTINGS_MODULE"] = req_environ.get(
"DJANGO_SETTINGS_MODULE". environ.get("DJANGO_SETTINGS_MODULE", None))
return get_wsgi_application()(req_environ, start_response)
You should be using:
from django.core.wsgi import get_wsgi_application
_application = get_wsgi_application()
def application(req_environ, start_response):
environ["DJANGO_SETTINGS_MODULE"] = req_environ.get(
"DJANGO_SETTINGS_MODULE", environ.get("DJANGO_SETTINGS_MODULE", None))
return _application(req_environ, start_response)
You are calling get_wsgi_application() on every request, which is a bad idea. It causes a new instance of the WSGI handler to be created on each request, which is not necessary. Doing so will also screw up the operation of monitoring tools such as New Relic.
I'm trying to learn how to deploy with mod_wsgi. I'm using django 1.4 with a small app running in virtualenv
Here are my apache2.conf code changes (ubuntu):
# https://docs.djangoproject.com/en/1.4/howto/deployment/wsgi/modwsgi/
# jcg 9/18/2012
WSGIScriptAlias / /home/jgoldstick/code/learn/myapp/wsgi.py
#WSGIPythonPath /home/jgoldstick/code/learn/myapp
WSGIPythonPath /home/jgoldstick/code/learn/myapp/lib/python2.7/site-packages
<Directory /home/jgoldstick/code/learn/myapp>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
</Directory>
I am getting 404 pages when I access the site. I am using the standard wsgi.py script that django produces.
what am I missing
Update to be more complete:
Here is my wsgi.py file in myapp/myapp
I added the appends as per first answer.
I am assuming in that answer that wsdl.py really meant wsgi.py.
import os, sys
sys.path.append('/home/jgoldstick/code/learn')
sys.path.append('/home/jgoldstick/code/learn/myapp')
os.environ.setdefault("DJANGO_SETTINGS_MODULE", "myapp.settings")
# This application object is used by any WSGI server configured to use this
# file. This includes Django's development server, if the WSGI_APPLICATION
# setting points here.
from django.core.wsgi import get_wsgi_application
application = get_wsgi_application()
# Apply WSGI middleware here.
# from helloworld.wsgi import HelloWorldApplication
# application = HelloWorldApplication(application)
I changed apache2.conf (which I believe is same as httpd.conf for ubuntu configuration) to:
https://docs.djangoproject.com/en/1.4/howto/deployment/wsgi/modwsgi/
# jcg 9/18/2012
Alias /media/ /home/jgoldstick/code/learn/media/
<Directory /home/jgoldstick/code/learn/media>
Order deny,allow
Allow from all
</Directory>
WSGIScriptAlias / /home/jgoldstick/code/learn/myapp/wsgi.py
WSGIPythonPath /home/jgoldstick/code/learn/myapp/lib/python2.7/site-packages
<Directory /home/jgoldstick/code/learn/myapp>
Order deny,allow
Allow from all
</Directory>
I restarted apache
But I still get 404 when I go to my app
wsdl.py:
import os, sys
sys.path.append('/home/jgoldstick/code/learn')
sys.path.append('/home/jgoldstick/code/learn/myapp')
os.environ['DJANGO_SETTINGS_MODULE'] = 'myapp.settings'
import django.core.handlers.wsgi
application = django.core.handlers.wsgi.WSGIHandler()
And httpd.conf should look like:
Alias /media/ /home/jgoldstick/code/learn/media/
<Directory /home/jgoldstick/code/learn/media>
Order deny,allow
Allow from all
</Directory>
WSGIScriptAlias / /home/jgoldstick/code/learn/myapp/django.wsgi
WSGIPythonPath /home/jgoldstick/code/learn/myapp/lib/python2.7/site-packages
<Directory /home/jgoldstick/code/learn/myapp>
Order deny,allow
Allow from all
</Directory>
If django.wsgi is located in /home/jgoldstick/code/learn/myapp/myapp/django.wsgi please add /myapp everywhere.
The same configuration as /media/ directory shoud have static and remember to execute ./manage.py collectstatic
Please refer to Documentation Django-modWSGI
I have a Django application with the following directory structure
/myapp/
/login/
/myapp_settings/
/subapp1/
/supapp2/
manage.py is in the myapp directory.
In the project's url.py I have URL settings like this:
urlpatterns = patterns('',
url(r'^subapp1/', include('subapp1.urls')),
url(r'^xhr/', include('subapp1.urls')),
url(r'^admin/', include(admin.site.urls)),
url(r'^subapp2/', include('smart_selects.urls')),
# Login / logout.
url(r'^login/$', 'django.contrib.auth.views.login'),
url(r'^logout/$', 'django.contrib.auth.views.logout', {'next_page': '/subapp1/'}, name='auth_logout'),
url(r'^logout/(?P<next_page>.*)/$', 'django.contrib.auth.views.logout', name='auth_logout_next'),
)
When deployed on the development runserver, everything links and loads correctly. When I deploy the entire myapp directory to the Django root on Apache, I find it's not linking as expected.
For example, if I link to example.com/login/, I get an Apache 404. I think it's because I don't have a virtual directory configuration defined for that specific directory.
I have the following set up in Apache for my application:
WSGIScriptAlias /myapp /var/www/django-projects/myapp/myapp_settings/wsgi.py
WSGIPythonPath /var/www/django-projects/myapp
Alias /media/ /var/www/django-projects/myapp/media/
Alias /static/ /var/www/django-projects/myapp/static/
<Directory /var/www/django-projects/myapp/static>
Order deny,allow
Allow from all
</Directory>
<Directory /var/www/django-projects/myapp/media>
Order deny,allow
Allow from all
</Directory>
<Directory /var/www/django-projects/myapp/myapp_settings/>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
</Directory>
Do I need an Alias and a Directory configuration for each URL pattern I use? If so, how can I redo my URL patterns so that I don't need to do this. I don't want to have to do all of this extra Apache configuration when I deploy the application.
EDIT: I modified my WSGIScriptAlias as suggest by Reinbach. It now reads WSGIScriptAlias / /var/www/django-projects/myapp/myapp_settings/wsgi.py. However, this still returns a 404. The error in the Apache log says
[Fri Sep 07 09:11:00 2012] [error] [client 192.189.x.x] File does not exist: /var/www/html/login
Notice that it's looking in /var/www/html (Default Apache root) instead of /var/www/django-projects
EDIT2: I'm attaching the VirtualHost block for this section
WSGIPythonPath /var/www/django-projects/myapp
<VirtualHost sub.example.com:80>
DocumentRoot /var/www/django-projects/myapp
ServerName sub.example.com
WSGIScriptAlias / /var/www/django-projects/myapp/myapp_settings/wsgi.py
Alias /robots.txt /var/www/django-projects/myapp/static/robots.txt
Alias /favicon.ico /var/www/django-projects/myapp/static/favicon.ico
AliasMatch ^/([^/]*\.css) /var/www/django-projects/myapp/static/css/$1
AliasMatch ^/([^/]*\.js) /var/www/django-projects/myapp/static/js/$1
AliasMatch ^/([^/]*\.png) /var/www/django-projects/myapp/static/images/$1
AliasMatch ^/([^/]*\.swf) /var/www/django-projects/myapp/static/swf/$1
Alias /media/ /var/www/django-projects/myapp/media/
Alias /static/ /var/www/django-projects/myapp/static/
<Directory /var/www/django-projects/myapp/static>
Order deny,allow
Allow from all
</Directory>
<Directory /var/www/django-projects/myapp/media>
Order deny,allow
Allow from all
</Directory>
<Directory /var/www/django-projects/myapp/myapp_settings/>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
</Directory>
</VirtualHost>
I believe you want to change your WSGIScriptAlias as you currently have it expecting to handle example.com/myapp/login while your sample is showing you trying to use example.com/login
WSGIScriptAlias / /var/www/django-projects/myapp/myapp_settings/wsgi.py
See How to use Django with Apache and mod_wsgi
LONG STORY SHORT
Allow and Deny are deprecated since Apache 2.4.x, use Require all granted (or denied) instead.
THE LONG STORY
I'm encountering the same problem while trying to set up Django with Apache and mod_wsgi. I'm not entirely sure why this happens but when I comment out the following lines in the httpd.conf
# Deny access to the entirety of your server's filesystem. You must
# explicitly permit access to web content directories in other
# <Directory> blocks below.
#
#<Directory />
# AllowOverride none
# Require all denied
#</Directory>
everything works alright.
I'm not sure if this is the right and secure way to solve the problem, but I hope it might help.
P.S. I think this shouldn't cause much security troubles since root directory is aliased anyways:WSGIScriptAlias / /var/www/django-projects/myapp/myapp_settings/wsgi.py, but I may be worng.
P.P.S. Looks like the better solution would be to leave those lines uncommented, but change Order and Allow directives in favor of Require all granted. For example:
<Directory /var/www/django-projects/myapp/myapp_settings/>
<Files wsgi.py>
Require all granted
#Order deny,allow
#Allow from all
</Files>
</Directory>
However this is only a trial and error solution I could come up. I got no deep understanding why it works but Order and Allow doesn't.
P.P.P.S Oh, now I know what. Allow and Deny are deprecated since Apache 2.4.x. Good answer can be found here.
Originally when I installed Django 1.3 with wsgi on my ubuntu server I used the included setup.py file and so when I wanted to update followed the Remove any old versions of Django section of the install guide by renaming the "django" folder in my site-packages "django.old" and then installing the new version by using the the setup.py file for Django 1.4
After restarting my apache server I got a standard 500 Internal error. I checked the apache error log and discovered that ADMIN_MEDIA_PREFIX has been deprecated so following the Django 1.4 release notes I removed ADMIN_MEDIA_PREFIX from the settings file and moved the admin files into the static directory under a folder called "admin" as indicated.
I restarted my apache server again and received the same standard 500 error but this time when I tried running a tail on the apache error log no new errors registered.
Without any further error messages I am really stuck so any help will be appreciated.
Below is the content of my apache site config file and the wsgi file
site config:
<VirtualHost *:80>
ServerAdmin me#mysite.com
ServerName www.mysite.com
ServerAlias mysite.com
# Indexes + Directory Root.
# DirectoryIndex index.html index.htm index.php
DocumentRoot /home/www/www.mysite.com/htdocs/
# CGI Directory
ScriptAlias /cgi-bin/ /home/www/www.mysite.com/cgi-bin/
<Location /cgi-bin>
Options +ExecCGI
</Location>
# Logfiles
ErrorLog /home/www/www.mysite.com/logs/error.log
CustomLog /home/www/www.mysite.com/logs/access.log combined
<Directory />
Options FollowSymLinks
AllowOverride None
</Directory>
<Directory /home/www/www.mysite.com/htdocs/>
Options FollowSymLinks MultiViews
AllowOverride All
allow from all
</Directory>
### Connect Django to the URL using WSGI (the django recommended method)
WSGIScriptAlias /myproject /django/myproject/django.wsgi
### Alias to the location of the static dir (images, css, js etc.)
Alias /myproject/static /django/myproject/static
<Directory /django/myproject/static>
Order deny,allow
allow from all
</Directory>
</VirtualHost>
django.wsgi:
import sys
import os
import django.core.handlers.wsgi
sys.path.append(os.path.dirname(os.path.abspath(__file__)) + '/..')
os.environ['DJANGO_SETTINGS_MODULE'] = 'myproject.settings'
application = django.core.handlers.wsgi.WSGIHandler()
sys.path.insert(0, '/django/myproject/')
sys.path.insert(0, '/django/myproject/')
from django.core.handlers.wsgi import WSGIHandler
application = WSGIHandler()
Please note I have tried to remove or rename any identifying information from these files for security reasons, so if there is an obvious syntax error etc. it is probably due to this editing. The original versions of these files are the same accept for the name changes and worked well under Django 1.3
django 1.4 have a wsgi.py file configuratiom included:
See the documentation:
https://docs.djangoproject.com/en/1.4/howto/deployment/wsgi/#the-application-object