Django 管理面板不适用于 https
Django Admin panel not working with https
我有一个 Django 项目,我刚刚使用 Apache 和 mod_wsgi 部署了它,它似乎运行良好。然后我更改了 Apache 配置文件以允许 HTTPS,现在我的管理站点无法正常工作(尽管常规站点可以同时使用 http 和 https)。
首先,如果我转到 http://www.example.com/admin or https://www.example.com/admin,我会得到 "Server Error (500)"。我的 Apache 错误日志中没有列出任何内容,但我在 other_vhosts_access.log:
中得到以下行
使用 HTTPS:
"GET /admin/login/?next=/admin/ HTTP/1.1" 500 553 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36"
使用 HTTP:
"GET /admin/login/?next=/admin/ HTTP/1.1" 500 300 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36"
其次,如果我使用我的管理员用户名和密码登录 www.example.com,然后转到 www.example。com/admin 我会看到标准管理面板(如果我使用 HTTP)或我得到管理面板减去任何 CSS(当我使用 HTTPS 时)。
这是我当前的 Apache 配置文件(已编辑以添加缺少的 /static 别名):
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName www.example.com
ServerAlias www.example.com
DocumentRoot /srv/www/www.example.com
Alias /static /srv/www/www.example.com/static
<Directory /srv/www/www.example.com/static>
Order allow,deny
Allow from all
</Directory>
<Directory /srv/www/www.example.com/my_app>
<Files wsgi.py>
Allow from all
</Files>
</Directory>
WSGIDaemonProcess my_app python-path=/srv/www/bcsurvey.wwbp.org:/srv/www/www.example.com/virtenv/lib/python2.7/site-packages
WSGIProcessGroup my_app
WSGIScriptAlias / /srv/www/www.example.com/my_app/wsgi.py
</VirtualHost>
NameVirtualHost *:443
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/apache2/sslkey/mykey.crt
SSLCertificateKeyFile /etc/apache2/sslkey/mykey.crt
ServerAdmin webmaster@localhost
ServerName www.example.com
ServerAlias www.example.com
DocumentRoot /srv/www/www.example.com
WSGIProcessGroup my_app
WSGIScriptAlias / /srv/www/www.example.com/my_app/wsgi.py
Alias /static /srv/www/www.example.com/static
<Directory /srv/www/www.example.com/static>
Order allow,deny
Allow from all
</Directory>
<Directory /srv/www/www.example.com/my_app>
<Files wsgi.py>
Allow from all
</Files>
</Directory>
</VirtualHost>
这是我的 settings.py 文件:
import os
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
TEMPLATE_PATH = os.path.join(BASE_DIR, 'templates')
STATIC_PATH = os.path.join(BASE_DIR, 'static')
STATIC_ROOT = '/srv/www/www.example.com'
MEDIA_PATH = os.path.join(BASE_DIR, 'media')
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'mykey'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False
TEMPLATE_DEBUG = True
ALLOWED_HOSTS = ['www.example.com']
INSTALLED_APPS = (
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.sites',
'survey',
)
MIDDLEWARE_CLASSES = (
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
)
ROOT_URLCONF = 'my_app.urls'
WSGI_APPLICATION = 'my_app.wsgi.application'
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
}
}
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
STATIC_URL = '/static/'
STATICFILES_DIRS = (
STATIC_PATH,
)
MEDIA_URL = '/media/'
MEDIAFILES_DIRS = (
MEDIA_PATH,
)
TEMPLATE_DIRS = (
TEMPLATE_PATH,
)
EMAIL_USE_TLS = True
EMAIL_HOST = 'smtp.email.com'
EMAIL_PORT = 587
EMAIL_HOST_USER = 'myemail@email.com'
EMAIL_HOST_PASSWORD = 'myemailpassword'
DEFAULT_FROM_EMAIL = 'myemail@email.com'
DEFAULT_TO_EMAIL = 'to email'
此外,我正在使用 Django v. 1.7。
编辑:
真正的错误是缺少 SITE_ID 设置。查看小调试会话的评论...
原回答:
您在 https 配置中缺少 /static 别名。
静态资源是https请求的吗?
此外,您在 https 配置中缺少 WSGIDaemonProcess 语句。
我有一个 Django 项目,我刚刚使用 Apache 和 mod_wsgi 部署了它,它似乎运行良好。然后我更改了 Apache 配置文件以允许 HTTPS,现在我的管理站点无法正常工作(尽管常规站点可以同时使用 http 和 https)。
首先,如果我转到 http://www.example.com/admin or https://www.example.com/admin,我会得到 "Server Error (500)"。我的 Apache 错误日志中没有列出任何内容,但我在 other_vhosts_access.log:
中得到以下行使用 HTTPS:
"GET /admin/login/?next=/admin/ HTTP/1.1" 500 553 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36"
使用 HTTP:
"GET /admin/login/?next=/admin/ HTTP/1.1" 500 300 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36"
其次,如果我使用我的管理员用户名和密码登录 www.example.com,然后转到 www.example。com/admin 我会看到标准管理面板(如果我使用 HTTP)或我得到管理面板减去任何 CSS(当我使用 HTTPS 时)。
这是我当前的 Apache 配置文件(已编辑以添加缺少的 /static 别名):
<VirtualHost *:80>
ServerAdmin webmaster@localhost
ServerName www.example.com
ServerAlias www.example.com
DocumentRoot /srv/www/www.example.com
Alias /static /srv/www/www.example.com/static
<Directory /srv/www/www.example.com/static>
Order allow,deny
Allow from all
</Directory>
<Directory /srv/www/www.example.com/my_app>
<Files wsgi.py>
Allow from all
</Files>
</Directory>
WSGIDaemonProcess my_app python-path=/srv/www/bcsurvey.wwbp.org:/srv/www/www.example.com/virtenv/lib/python2.7/site-packages
WSGIProcessGroup my_app
WSGIScriptAlias / /srv/www/www.example.com/my_app/wsgi.py
</VirtualHost>
NameVirtualHost *:443
<VirtualHost *:443>
SSLEngine on
SSLCertificateFile /etc/apache2/sslkey/mykey.crt
SSLCertificateKeyFile /etc/apache2/sslkey/mykey.crt
ServerAdmin webmaster@localhost
ServerName www.example.com
ServerAlias www.example.com
DocumentRoot /srv/www/www.example.com
WSGIProcessGroup my_app
WSGIScriptAlias / /srv/www/www.example.com/my_app/wsgi.py
Alias /static /srv/www/www.example.com/static
<Directory /srv/www/www.example.com/static>
Order allow,deny
Allow from all
</Directory>
<Directory /srv/www/www.example.com/my_app>
<Files wsgi.py>
Allow from all
</Files>
</Directory>
</VirtualHost>
这是我的 settings.py 文件:
import os
BASE_DIR = os.path.dirname(os.path.dirname(__file__))
TEMPLATE_PATH = os.path.join(BASE_DIR, 'templates')
STATIC_PATH = os.path.join(BASE_DIR, 'static')
STATIC_ROOT = '/srv/www/www.example.com'
MEDIA_PATH = os.path.join(BASE_DIR, 'media')
# SECURITY WARNING: keep the secret key used in production secret!
SECRET_KEY = 'mykey'
# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = False
TEMPLATE_DEBUG = True
ALLOWED_HOSTS = ['www.example.com']
INSTALLED_APPS = (
'django.contrib.admin',
'django.contrib.auth',
'django.contrib.contenttypes',
'django.contrib.sessions',
'django.contrib.messages',
'django.contrib.staticfiles',
'django.contrib.sites',
'survey',
)
MIDDLEWARE_CLASSES = (
'django.contrib.sessions.middleware.SessionMiddleware',
'django.middleware.common.CommonMiddleware',
'django.middleware.csrf.CsrfViewMiddleware',
'django.contrib.auth.middleware.AuthenticationMiddleware',
'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
'django.contrib.messages.middleware.MessageMiddleware',
'django.middleware.clickjacking.XFrameOptionsMiddleware',
)
ROOT_URLCONF = 'my_app.urls'
WSGI_APPLICATION = 'my_app.wsgi.application'
DATABASES = {
'default': {
'ENGINE': 'django.db.backends.sqlite3',
'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
}
}
LANGUAGE_CODE = 'en-us'
TIME_ZONE = 'UTC'
USE_I18N = True
USE_L10N = True
USE_TZ = True
STATIC_URL = '/static/'
STATICFILES_DIRS = (
STATIC_PATH,
)
MEDIA_URL = '/media/'
MEDIAFILES_DIRS = (
MEDIA_PATH,
)
TEMPLATE_DIRS = (
TEMPLATE_PATH,
)
EMAIL_USE_TLS = True
EMAIL_HOST = 'smtp.email.com'
EMAIL_PORT = 587
EMAIL_HOST_USER = 'myemail@email.com'
EMAIL_HOST_PASSWORD = 'myemailpassword'
DEFAULT_FROM_EMAIL = 'myemail@email.com'
DEFAULT_TO_EMAIL = 'to email'
此外,我正在使用 Django v. 1.7。
编辑: 真正的错误是缺少 SITE_ID 设置。查看小调试会话的评论...
原回答: 您在 https 配置中缺少 /static 别名。
静态资源是https请求的吗?
此外,您在 https 配置中缺少 WSGIDaemonProcess 语句。