1

I have a Django project which I just deployed using Apache and mod_wsgi, which seemed to be working perfectly. I then changed the Apache config file to allow HTTPS and now my admin site is not working (though the regular site does work with both http and https).

First, if I go to http://www.example.com/admin or https://www.example.com/admin, I get "Server Error (500)". There is nothing listed in my Apache error log but I get the following line in other_vhosts_access.log:

With HTTPS:

"GET /admin/login/?next=/admin/ HTTP/1.1" 500 553 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36"

With HTTP:

"GET /admin/login/?next=/admin/ HTTP/1.1" 500 300 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.90 Safari/537.36"

Second, if I login to www.example.com using my admin username and password AND THEN go to www.example.com/admin I get the standard admin panel (if I use HTTP) or I get the admin panel minus any CSS (when I use HTTPS).

Here is my current Apache config file (EDITED to add missing /static alias): 

<VirtualHost *:80>
    ServerAdmin webmaster@localhost
    ServerName www.example.com
    ServerAlias www.example.com
    DocumentRoot /srv/www/www.example.com

    Alias /static /srv/www/www.example.com/static
    <Directory /srv/www/www.example.com/static>
        Order allow,deny
        Allow from all
    </Directory>

    <Directory /srv/www/www.example.com/my_app>
        <Files wsgi.py>
            Allow from all
        </Files>
    </Directory>

    WSGIDaemonProcess my_app python-path=/srv/www/bcsurvey.wwbp.org:/srv/www/www.example.com/virtenv/lib/python2.7/site-packages
    WSGIProcessGroup my_app
    WSGIScriptAlias / /srv/www/www.example.com/my_app/wsgi.py
 </VirtualHost>

 NameVirtualHost *:443
 <VirtualHost *:443>
    SSLEngine on
    SSLCertificateFile    /etc/apache2/sslkey/mykey.crt
    SSLCertificateKeyFile /etc/apache2/sslkey/mykey.crt

    ServerAdmin webmaster@localhost
    ServerName www.example.com
    ServerAlias www.example.com
    DocumentRoot /srv/www/www.example.com

    WSGIProcessGroup my_app
    WSGIScriptAlias / /srv/www/www.example.com/my_app/wsgi.py

    Alias /static /srv/www/www.example.com/static
    <Directory /srv/www/www.example.com/static>
        Order allow,deny
        Allow from all
    </Directory>

    <Directory /srv/www/www.example.com/my_app>
        <Files wsgi.py>
            Allow from all
        </Files>
    </Directory>
 </VirtualHost>

Here is my settings.py file:

 import os
 BASE_DIR = os.path.dirname(os.path.dirname(__file__))

 TEMPLATE_PATH = os.path.join(BASE_DIR, 'templates')
 STATIC_PATH = os.path.join(BASE_DIR, 'static')
 STATIC_ROOT = '/srv/www/www.example.com'
 MEDIA_PATH = os.path.join(BASE_DIR, 'media')                                                                                                             

 # SECURITY WARNING: keep the secret key used in production secret!                                                                                                                   
 SECRET_KEY = 'mykey'

 # SECURITY WARNING: don't run with debug turned on in production!                                                                                                                    
 DEBUG = False

 TEMPLATE_DEBUG = True

 ALLOWED_HOSTS = ['www.example.com']

 INSTALLED_APPS = (
     'django.contrib.admin',
     'django.contrib.auth',
     'django.contrib.contenttypes',
     'django.contrib.sessions',
     'django.contrib.messages',
     'django.contrib.staticfiles',
     'django.contrib.sites',
     'survey',
 )

 MIDDLEWARE_CLASSES = (
     'django.contrib.sessions.middleware.SessionMiddleware',
     'django.middleware.common.CommonMiddleware',
     'django.middleware.csrf.CsrfViewMiddleware',
     'django.contrib.auth.middleware.AuthenticationMiddleware',
     'django.contrib.auth.middleware.SessionAuthenticationMiddleware',
     'django.contrib.messages.middleware.MessageMiddleware',
     'django.middleware.clickjacking.XFrameOptionsMiddleware',
 )

 ROOT_URLCONF = 'my_app.urls'

 WSGI_APPLICATION = 'my_app.wsgi.application'

 DATABASES = {
     'default': {
     'ENGINE': 'django.db.backends.sqlite3',
         'NAME': os.path.join(BASE_DIR, 'db.sqlite3'),
     }
 }

 LANGUAGE_CODE = 'en-us'
 TIME_ZONE = 'UTC'
 USE_I18N = True
 USE_L10N = True
 USE_TZ = True                                                                                                                       

 STATIC_URL = '/static/'
 STATICFILES_DIRS = (
     STATIC_PATH,
 )

 MEDIA_URL = '/media/'
 MEDIAFILES_DIRS = (
     MEDIA_PATH,
 )

 TEMPLATE_DIRS = (
     TEMPLATE_PATH,
 )

 EMAIL_USE_TLS = True
 EMAIL_HOST = 'smtp.email.com'
 EMAIL_PORT = 587
 EMAIL_HOST_USER = 'myemail@email.com'
 EMAIL_HOST_PASSWORD = 'myemailpassword'
 DEFAULT_FROM_EMAIL = 'myemail@email.com'
 DEFAULT_TO_EMAIL = 'to email'

Also, I am using Django v. 1.7.

Moe Far
  • 2,742
  • 2
  • 23
  • 41
Sal
  • 1,653
  • 6
  • 23
  • 36

1 Answers1

2

Edit: Real error was the missing SITE_ID setting. See comments for out little debug session...

Original answer: You're missing the /static Alias in your https config.

Are the static assets requested by https?

Additionally, you're missing the WSGIDaemonProcess statement in your https config.

Mischback
  • 843
  • 5
  • 18
  • I added the /static Alias to the https config and that fixed the missing CSS problem, but I still get "Server Error (500)" if I go to www.example.com/admin. Also I didn't add the WSGIDaemonProcess statement in the https config based on the answer here: http://stackoverflow.com/questions/1548210/how-to-force-the-use-of-ssl-for-some-url-of-my-django-application. If I do add it then I get an error when I restart Apache: Name duplicates previous WSGI daemon definition. Action 'configtest' failed. – Sal Jun 29 '15 at 17:53
  • I tried this and still get "Server Error (500)" and nothing printed in the Apache error logs. Is there a Django error log file somewhere that I don't know about? – Sal Jun 29 '15 at 18:07
  • I'm confused by the missing entry in error.log. Can you set up a proper ErrorLog-setting? http://httpd.apache.org/docs/2.2/mod/core.html#errorlog – Mischback Jun 29 '15 at 18:18
  • I fixed the Django debugging and got the following error: Create a site in your database and set the SITE_ID setting to fix this error. So I added to SITE_ID = 1 to my settings file and everything worked. Thank you!!! – Sal Jun 29 '15 at 18:32
  • 2
    Doesn't need a WSGIDaemonProcess directive in the SSL VirtualHost. the WSGIProcessGroup is reaching across and using the one defined in other VirtualHost. This is allowed for a 80/443 pairing and is the recommended way. That is, just wasting memory having separate one for port 443 when have both 80/443 setup and can use the same. – Graham Dumpleton Jun 29 '15 at 20:41