Find solution
How can I use SSL with django?

How to use SSL with Django app (deployed using mod_wsgi and virtualenv)

  • Disclaimer: I don't really know what I'm doing, so I may have phrased things wrong. I've also never asked/answered a question on here before! I have a Django app running on Apache that I deployed using mod_wsgi and virtualenv. I want some parts of the app to use SSL, however when I install the SSL certificate, the https URL goes to the index.html file from my public_html folder instead of the app (which is outside of public_html) For example, visit https://tradekandi.com. That URL is just a basic HTML file: public_html/index.html Then visit http://tradekandi.com. That's my Django page (in maintenance mode). I've searched stackoverflow and Google all day. I've tried removing the documentroot from the virtual hosts file but that did nothing. I tried adding a SetEnvIf X-Forwarded-Proto https HTTPS=1 line to it but that did nothing either. My virtual hosts file has these lines in it: SSLEngine on SSLCertificateFile /etc/ssl/certs/tradekandi.com.crt SSLCertificateKeyFile /etc/ssl/private/tradekandi.com.key SSLCACertificateFile /etc/ssl/certs/tradekandi.com.cabundle Whenever I make any changes, I restart apache and "touch" the app's wsgi file. How can I make the https URL load the Django app? Any help would be much appreciated. Thank you. More of httpd configuration: <VirtualHost 69.65.42.153:80> ServerName tradekandi.com ServerAlias www.tradekandi.com DocumentRoot /home/trade/public_html ServerAdmin [email protected] UseCanonicalName Off CustomLog /usr/local/apache/domlogs/tradekandi.com combined CustomLog /usr/local/apache/domlogs/tradekandi.com-bytes_log "%{%s}t %I .\n%{%s}t %O ." ## User trade # Needed for Cpanel::ApacheConf <IfModule mod_suphp.c> suPHP_UserGroup trade trade </IfModule> <IfModule !mod_disable_suexec.c> SuexecUserGroup trade trade </IfModule> ScriptAlias /cgi-bin/ /home/trade/public_html/cgi-bin/ Include "/usr/local/apache/conf/userdata/*.conf" Include "/usr/local/apache/conf/userdata/*.owner-root" Include "/usr/local/apache/conf/userdata/std/*.conf" Include "/usr/local/apache/conf/userdata/std/*.owner-root" Include "/usr/local/apache/conf/userdata/std/2/*.conf" Include "/usr/local/apache/conf/userdata/std/2/*.owner-root" Include "/usr/local/apache/conf/userdata/std/2/trade/*.conf" Include "/usr/local/apache/conf/userdata/std/2/trade/tradekandi.com/*.conf" </VirtualHost> <VirtualHost 69.65.42.153:443> ServerName tradekandi.com ServerAlias www.tradekandi.com DocumentRoot /home/trade/public_html ServerAdmin [email protected] UseCanonicalName Off CustomLog /usr/local/apache/domlogs/tradekandi.com combined CustomLog /usr/local/apache/domlogs/tradekandi.com-bytes_log "%{%s}t %I .\n%{%s}t %O ." ## User nobody # Needed for Cpanel::ApacheConf <IfModule mod_suphp.c> suPHP_UserGroup nobody nobody </IfModule> ScriptAlias /cgi-bin/ /home/trade/public_html/cgi-bin/ SSLEngine on SSLCertificateFile /etc/ssl/certs/tradekandi.com.crt SSLCertificateKeyFile /etc/ssl/private/tradekandi.com.key SSLCACertificateFile /etc/ssl/certs/tradekandi.com.cabundle CustomLog /usr/local/apache/domlogs/tradekandi.com-ssl_log combined SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown <Directory "/home/trade/public_html/cgi-bin"> SSLOptions +StdEnvVars </Directory> Include "/usr/local/apache/conf/userdata/*.conf" </VirtualHost> If it's relevant, this is a dedicated server running CentOS & I am also using it to host one PHP-based site. Wsgi file: import os import sys sys.stdout = sys.stderr from os.path import abspath, dirname, join from site import addsitedir sys.path.append('/home/trade/sites/tradekandi.com.env/lib/python2.7/site-packages') sys.path.insert(0, abspath(join(dirname(__file__), "../../"))) from django.conf import settings os.environ["DJANGO_SETTINGS_MODULE"] = "trade.settings" sys.path.insert(0, join(settings.PROJECT_ROOT, "apps")) from django.core.handlers.wsgi import WSGIHandler application = WSGIHandler() extra.conf with mod_wsgi directives: Alias /static/ /home/trade/public_html/static/ <Directory /home/trade/public_html/static> Order deny,allow Allow from all </Directory> WSGIDaemonProcess trade python-path=/home/trade/sites/tradekandi.com.env/lib/python2.7/site-packages WSGIProcessGroup trade WSGIScriptAlias / /home/trade/sites/tradekandi.com.env/site/trade/deploy/pinax.wsgi <Directory /home/trade/sites/tradekandi.com.env/site/trade/deploy> Order deny,allow Allow from all </Directory>

  • Answer:

    Answering my own question for the benefit of anyone who may come across this: I added the following lines: WSGIProcessGroup tradek WSGIScriptAlias / /home/trade/sites/tradekandi.com.env/site/trade/deploy/pinax.wsgi to a .conf file located in /usr/local/apache/conf/userdata/ssl/2/trade/tradekandi.com, then used the command /scripts/ensure_vhost_includes --user=trade (I also happened to change the ProcessGroup name) Seems to have done the trick, although now I need to get rid of the insecure elements on the page! Thanks to Graham, because it was one of your answers to someone else that helped me figure this out.

frostyterrier at Stack Overflow Visit the source

Was this solution helpful to you?

Related Q & A:

Just Added Q & A:

Find solution

For every problem there is a solution! Proved by Solucija.

  • Got an issue and looking for advice?

  • Ask Solucija to search every corner of the Web for help.

  • Get workable solutions and helpful tips in a moment.

Just ask Solucija about an issue you face and immediately get a list of ready solutions, answers and tips from other Internet users. We always provide the most suitable and complete answer to your question at the top, along with a few good alternatives below.