Hey Tom,
Thanks, you rightly pointed out right security way to implement django. But currently I am facing issue with implementing whatever way I tried.WSGIPythonPath C:\Python27\Lib\site-packages
<VirtualHost *:80>
ServerAdmin admin@testarhamcollections.com
DocumentRoot "C:/Apache24/htdocs/testarhamcollections"
ServerName www.testarhamcollections.com
ServerAlias testarhamcollections.com
ErrorLog "C:/Apache24/htdocs/testarhamcollections/logs/testarhamcollections.com-error.log"
CustomLog "C:/Apache24/htdocs/testarhamcollections/logs/testarhamcollections.com-access.log" common
<Directory c:/Apache24/htdocs/testarhamcollections>
Require all granted
</Directory>
WSGIScriptAlias / c:\Apache24\htdocs\testarhamcollections
Alias / "c:/Apache24/htdocs/testarhamcollections"
<Directory "c:/Apache24/htdocs/testarhamcollections/project1">
<Files "wsgi.py">
Require all granted
</Files>
</Directory>
</VirtualHost>
Also, you appreciate if you come on Google Hangout.
On 8 May 2017 at 23:22, 'Tom Evans' via Django users <django-users@googlegroups.com> wrote:
On Mon, May 8, 2017 at 11:08 AM, sarfaraz ahmed <findsarfaraz@gmail.com> wrote:
> Hello Guys,
> [ .. ]
> This is conf file for Apache
> ------------------------------------------------------------ DANGER!------------------------------ ------------------------------ ------------------------------ ----------------
> <VirtualHost *:80>
> ServerAdmin admin@testarhamcollections.com
> DocumentRoot "C:/Apache24/htdocs/testarhamcollections"
> ServerName www.testarhamcollections.com
> ServerAlias testarhamcollections.com
> ErrorLog
> "C:/Apache24/htdocs/testarhamcollections/logs/ testarhamcollections.com- error.log"
> CustomLog
> "C:/Apache24/htdocs/testarhamcollections/logs/ testarhamcollections.com- access.log"
> common
>
> WSGIScriptAlias /
> "c:/Apache24/htdocs/testarhamcollections/project1/ wsgi.py"
>
> Alias / "c:/Apache24/htdocs/testarhamcollections"
> Alias /static/ "c:/Apache24/htdocs/testarhamcollections/static/"
> Alias /media/ "c:/Apache24/htdocs/testarhamcollections/static/ media/"
Python/WSGI is not like PHP, the program files should not live in web
accessible directory.
Your WSGI script should not be in a web accessible directory.
The only things that should be in a web accessible directory are your
static htdocs, which are collected to that location by Django using
the command "collectstatic".
Your project files should be OUTSIDE the document root and NOT aliased
into it in any way!
A typical layout should look like so:
c:/DjangoProjects/project_name
├── htdocs
├── logs
├── my_project
│ ├── manage.py
│ ├── my_app1
│ │ ├── __init__.py
│ │ ├── admin.py
│ │ ├── apps.py
│ │ ├── migrations
│ │ │ └── __init__.py
│ │ ├── models.py
│ │ ├── tests.py
│ │ └── views.py
│ ├── my_app2
│ │ ├── __init__.py
│ │ ├── admin.py
│ │ ├── apps.py
│ │ ├── migrations
│ │ │ └── __init__.py
│ │ ├── models.py
│ │ ├── tests.py
│ │ └── views.py
│ └── my_project
│ ├── __init__.py
│ ├── settings.py
│ ├── urls.py
│ └── wsgi.py
└── my_virtual_env
The only directory of those that should be web accessible is htdocs,
and none of your code should live there.
Cheers
Tom
--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com .
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users .
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/ .CAFHbX1JoAHqgWnyxeNMn1EwqaMnvf 8fsahT8JW0nK2A9%2BYRoOQ% 40mail.gmail.com
For more options, visit https://groups.google.com/d/optout .
--
Thanks with regards,
Sarfaraz Ahmed
Sarfaraz Ahmed
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at https://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAEPJdiztgf9ZC%3DNHAbh83dZUni1WigEHbdCAWOntRXCj%3D--o4Q%40mail.gmail.com.
For more options, visit https://groups.google.com/d/optout.
No comments:
Post a Comment