I am very new to apache and django, so execuse me if this question is simple. I am trying to deploy an existing site to an apache server. For the time being, the site is still in development so I am only deploying it as a virtualhost on my local machine.
I am using Django’s WSGI module in the deployment. In my site’s config file, I have the following aliases:
Alias /media/ /home/tester/Desktop/siteRootDir/media
Alias /content/ /home/tester/Desktop/siteRootDir/content
WSGIScriptAlias /c /home/tester/Desktop/siteRootDir/deploy/site.wsgi
When I run apache and go to localhost/c I was getting the (13)PermissionDenied error in the apache log. To get around that error, I (admitedly stupidly) ran
chmod -R 777 /home/tester/Desktop/siteRootDir
I know that is not the way to deal with the issue, but I just wanted the site to work so I can continue its development.
So my question is, what are the correct permission settings to the siteRootDir directory and its sub-directories such that the site will run and I do not expose unnecessary files in the directory.
Also, I realize that this is not an ideal set up and I will likely run into problems when I deploy the site in production. Can anyone please suggest a better organizational approach to this?
Thanks!
The tightest permissions possible would be 0600 for files and 0700 for dir’s and as a owner the user owning the apache processes. This user differs per OS and flavor (e.g. for OSX it’s www, for Debian/Ubuntu it’s www-data).
This would probably too tight for a development server. At least would you like to be able to modify all your files through your IDE of text editor, so either you should add ACLs for yourself (i.e. the user that edits the Django files, templates and static files).
Also, in a production server you want the apache user to be able to write to directories that hold web uploaded content. That would be somewhere in your static files section (or on a different dedicated static files server).