基于SSL的虚拟主机与django和mod_wsgi [英] SSL based virtual host with django and mod_wsgi

问题描述

我有一个django Web应用程序，其中一些URL被允许通过http访问，而其他URL必须通过http安全。我需要在我的apache conf文件中设置virtualHost / mod_wsgi配置，以便可以通过两者同时访问相同的Web应用程序。我跟着这2个帖子

• 如何强制对我的Django应用程序的某些URL使用SSL？


• Django和SSL问题

，并具有以下配置，我认为应该这样做。

  NameVirtualHost *： 80 
< VirtualHost *：80> 
 ServerAdmin me@mail.com 
 DocumentRoot / var / www / html 
服务器名称www.mydomain.com 
 
 ErrorLog server-logs / error_log 
 CustomLog server-logs / access_log common 
 
 WSGIScriptAlias / test /var/www/my_app_root/apache/django.wsgi 
 
< Directory / var / www / my_app_root> 
订单允许，拒绝
允许从所有
< / Directory> 
< / VirtualHost> 
 
 NameVirtualHost *：443 
< VirtualHost *：443> 
 SSLEngine On 
 SSLCertificateFile /etc/httpd/conf/ssl/mykey.crt 
 SSLCertificateKeyFile /etc/httpd/conf/ssl/mykey.key 
 
 ServerAdmin我@ mail.com 
 DocumentRoot / var / www / html 
服务器名称www.mydomain.com 
 
 ErrorLog server-logs / error_log 
 CustomLog server-logs / access_log common 
 
 WSGIScriptAlias / test /var/www/my_app_root/apache/django.wsgi 
 
< Directory / var / www / my_app_root> 
订单允许，拒绝
允许从所有
< / Directory> 
< / VirtualHost> 
  

但是，必须通过http访问的网址正在被访问，没有任何问题，而那些必须结束https获得404 - 找不到错误。
我有一个装饰器，看看是否通过http访问视图，然后重定向到用http替换为http的url。所以url映射是正确的，因为我看到重定向发生（这意味着视图被调用），但通过https，它得到404错误。

我有一个第三方php应用程序在web服务器文件根目录 / var / www / html / 中工作正常https。不知怎的，该应用程序没有在http或https上面临任何问题。

我尝试了以下

• 在两个虚拟主机中使用相同的 WSGIProcessGroup 名称尝试了守护进程模式方法，但这并不奏效。


• 我尝试添加Listen 443命令，apache抱怨端口已经绑定错误。

编辑：

由于您的所有评论，我更多地探索了配置，发现有一个sub conf文件在运行时被拉入，定义*：443虚拟主机（并没有wsgiscript指令）。这就是为什么 Listen 443 抛出错误。这也解释了通过https的URL（虚拟主机处理*：443无法解析该URL）的404。现在我修改了，一切都正常。在我原来的问题中的2堆栈溢出帖子中提出的方法是完美的，可以正常工作。

解决方案

您是否在apache2.conf中提到了Listen 80和Listen 443？ 此可能是一些帮助。

I have a django web application in which some URLs are allowed to be accessed over http while others have to be over http-secure only. I need to set up the virtualHost/ mod_wsgi configuration in my apache conf file, so that the same web application can be accessed over both. I followed these 2 posts

• How to force the use of SSL for some URL of my Django Application?
• Django and SSL question

and have the following configuration which I think should do the trick.

NameVirtualHost *:80
<VirtualHost *:80>
    ServerAdmin me@mail.com
    DocumentRoot /var/www/html
    ServerName www.mydomain.com

    ErrorLog server-logs/error_log
    CustomLog server-logs/access_log common

    WSGIScriptAlias /test /var/www/my_app_root/apache/django.wsgi

    <Directory /var/www/my_app_root>
      Order allow,deny
      Allow from all
    </Directory>    
</VirtualHost>

NameVirtualHost *:443
<VirtualHost *:443>
    SSLEngine On
    SSLCertificateFile /etc/httpd/conf/ssl/mykey.crt
    SSLCertificateKeyFile /etc/httpd/conf/ssl/mykey.key

    ServerAdmin me@mail.com
    DocumentRoot /var/www/html
    ServerName www.mydomain.com

    ErrorLog server-logs/error_log
    CustomLog server-logs/access_log common

    WSGIScriptAlias /test /var/www/my_app_root/apache/django.wsgi

    <Directory /var/www/my_app_root>
      Order allow,deny
      Allow from all
    </Directory>
</VirtualHost>

However, the urls which have to be accessed over http are being accessed without any issues, while those which have to be over https are getting a 404 - not found error. I have a decorator which sees if a view is being accessed over http and then redirects to a url with the http replaced by https. So the url-mapping is correct since I see the redirect happening (that means the view gets called) but over https, it gets 404 error.

I have a 3rd party php application in the webserver document root /var/www/html/ which works fine over https. Somehow, that application is not facing any issue over http or https.

I tried the following

• Tried the Daemon mode approach with the same WSGIProcessGroup name in both virtual hosts, but that did not work out either.
• I tried adding Listen 443 command, and apache complained of a port already bound error.

Edit:

Due to all your comments, I explored the configurations a bit more and found that there was a sub conf file which was getting pulled in at run time which was defining the *:443 virtual host (and did not have the wsgiscript directive). That's why the Listen 443 was throwing an error. And that also explains the 404 for the url over https (the virtualhost handling *:443 was unable to resolve that url). Now I modified it and everything is working fine. The approaches suggested in the 2 stack overflow posts in my original question are perfect and work correctly.

解决方案

Do you have both "Listen 80" and "Listen 443" mentioned in your apache2.conf? This might be of some help.

这篇关于基于SSL的虚拟主机与django和mod_wsgi的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！