I need to expose my site to the internet (there are things keeping it from being stumbled upon by most people) but I want to make sure the debug page which appears when a 500 (?) error occurs is only seen by people inside my LAN; that is, a known IP range.
I am referring specifically to errors thrown by my Django site — I don’t need to hide 500 pages that’re generated by my webserver (e.g. when an error occurs before things ever “get” to the Django side).
I looked into this some, and discovered I can check the IP via HTTP headers, or through various functions to get remote IP. But then there is the matter of configuring the debug pages based on such.
However, given the sensitive nature of the information I am attempting to hide, I thought it best to ask around first before just going w/whatever shoe appears to fit first. I would think Django is mature enough and has enough users that there is one or more “right” ways to do this, so I’m asking for some input.
Add’l info: running Django 1.3 and 1.4 (dev) on Apache with mod_wsgi on an Ubuntu box.
You are better off configuring properly the ADMINS and SMTP settings so that details of such errors are sent to you in email. Trying to base configuration differences off client IP is a bad idea especially when proxies are involved.
You might also look at Sentry and New Relic.