fro*_*ier 7 apache django ssl mod-wsgi virtualenv
免责声明:我真的不知道我在做什么,所以我可能说错了.我以前从未在这里问过/回答过一个问题!
我在Apache上运行了一个Django应用程序,我使用mod_wsgi和virtualenv进行部署.我希望应用程序的某些部分使用SSL,但是当我安装SSL证书时,https URL从我的public_html文件夹而不是app(在public_html之外)转到index.html文件
例如,访问https://tradekandi.com.该URL只是一个基本的HTML文件:public_html/index.html然后访问http://tradekandi.com.那是我的Django页面(在维护模式下).
我整天都在搜索stackoverflow和Google.我已经尝试从虚拟主机文件中删除了文档,但没有做任何事情.我尝试添加一个SetEnvIf X-Forwarded-Proto https HTTPS = 1行,但它也没有做任何事情.
我的虚拟主机文件中包含以下行:
SSLEngine on
SSLCertificateFile /etc/ssl/certs/tradekandi.com.crt
SSLCertificateKeyFile /etc/ssl/private/tradekandi.com.key
SSLCACertificateFile /etc/ssl/certs/tradekandi.com.cabundle
每当我做出任何更改时,我都会重新启动apache并"触摸"应用程序的wsgi文件.
如何使https URL加载Django应用程序?任何帮助将非常感激.谢谢.
更多httpd配置:
<VirtualHost 69.65.42.153:80>
ServerName tradekandi.com
ServerAlias www.tradekandi.com
DocumentRoot /home/trade/public_html
ServerAdmin webmaster@tradekandi.com
UseCanonicalName Off
CustomLog /usr/local/apache/domlogs/tradekandi.com combined
CustomLog /usr/local/apache/domlogs/tradekandi.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
## User trade # Needed for Cpanel::ApacheConf
<IfModule mod_suphp.c>
suPHP_UserGroup trade trade
</IfModule>
<IfModule !mod_disable_suexec.c>
SuexecUserGroup trade trade
</IfModule>
ScriptAlias /cgi-bin/ /home/trade/public_html/cgi-bin/
Include "/usr/local/apache/conf/userdata/*.conf"
Include "/usr/local/apache/conf/userdata/*.owner-root"
Include "/usr/local/apache/conf/userdata/std/*.conf"
Include "/usr/local/apache/conf/userdata/std/*.owner-root"
Include "/usr/local/apache/conf/userdata/std/2/*.conf"
Include "/usr/local/apache/conf/userdata/std/2/*.owner-root"
Include "/usr/local/apache/conf/userdata/std/2/trade/*.conf"
Include "/usr/local/apache/conf/userdata/std/2/trade/tradekandi.com/*.conf"
</VirtualHost>
<VirtualHost 69.65.42.153:443>
ServerName tradekandi.com
ServerAlias www.tradekandi.com
DocumentRoot /home/trade/public_html
ServerAdmin webmaster@tradekandi.com
UseCanonicalName Off
CustomLog /usr/local/apache/domlogs/tradekandi.com combined
CustomLog /usr/local/apache/domlogs/tradekandi.com-bytes_log "%{%s}t %I .\n%{%s}t %O ."
## User nobody # Needed for Cpanel::ApacheConf
<IfModule mod_suphp.c>
suPHP_UserGroup nobody nobody
</IfModule>
ScriptAlias /cgi-bin/ /home/trade/public_html/cgi-bin/
SSLEngine on
SSLCertificateFile /etc/ssl/certs/tradekandi.com.crt
SSLCertificateKeyFile /etc/ssl/private/tradekandi.com.key
SSLCACertificateFile /etc/ssl/certs/tradekandi.com.cabundle
CustomLog /usr/local/apache/domlogs/tradekandi.com-ssl_log combined
SetEnvIf User-Agent ".*MSIE.*" nokeepalive ssl-unclean-shutdown
<Directory "/home/trade/public_html/cgi-bin">
SSLOptions +StdEnvVars
</Directory>
Include "/usr/local/apache/conf/userdata/*.conf"
</VirtualHost>
如果它是相关的,这是一个运行CentOS的专用服务器,我也用它来托管一个基于PHP的站点.
Wsgi文件:
import os
import sys
sys.stdout = sys.stderr
from os.path import abspath, dirname, join
from site import addsitedir
sys.path.append('/home/trade/sites/tradekandi.com.env/lib/python2.7/site-packages')
sys.path.insert(0, abspath(join(dirname(__file__), "../../")))
from django.conf import settings
os.environ["DJANGO_SETTINGS_MODULE"] = "trade.settings"
sys.path.insert(0, join(settings.PROJECT_ROOT, "apps"))
from django.core.handlers.wsgi import WSGIHandler
application = WSGIHandler()
带有mod_wsgi指令的extra.conf:
Alias /static/ /home/trade/public_html/static/
<Directory /home/trade/public_html/static>
Order deny,allow
Allow from all
</Directory>
WSGIDaemonProcess trade python-path=/home/trade/sites/tradekandi.com.env/lib/python2.7/site-packages
WSGIProcessGroup trade
WSGIScriptAlias / /home/trade/sites/tradekandi.com.env/site/trade/deploy/pinax.wsgi
<Directory /home/trade/sites/tradekandi.com.env/site/trade/deploy>
Order deny,allow
Allow from all
</Directory>
为了任何可能遇到此问题的人的利益,回答我自己的问题:
我添加了以下几行:
WSGIProcessGroup tradek
WSGIScriptAlias / /home/trade/sites/tradekandi.com.env/site/trade/deploy/pinax.wsgi
到位于 /usr/local/apache/conf/userdata/ssl/2/trade/tradekandi.com 的 .conf 文件,然后使用命令 /scripts/ensure_vhost_includes --user=trade
(我也碰巧更改了ProcessGroup名称)
似乎已经成功了,尽管现在我需要摆脱页面上的不安全元素!感谢格雷厄姆,因为这是你对其他人的回答之一,帮助我解决了这个问题。
| 归档时间: |
|
| 查看次数: |
2358 次 |
| 最近记录: |