Hello, I'm not certain I understand what you are describing. Is Apache listening on port 8000? How is it possible that you are using "runserver" when you are running Django through mod_wsgi? Something is wrong there.
Also, don't put your Django app's files in public_html or any other directory that is publicly served by Apache. You don't want visitors from the web reading your source code (or, much worse, your settings file with its secrets). If you haven't done this before you may be confused by static files, in which case this article (of mine) <https://djangodeployment.com/2016/11/21/how-django-static-files-work-in-production/> may help. Regards, Antonis Antonis Christofides http://djangodeployment.com On 2018-01-21 05:00, drone4four wrote: > I’ve played with a little Django (v2.0.1) locally. Now I am trying to > implement a test case on my production Apache web server. I’m running an > Ubuntu 14.04 DigitalOcean droplet (will upgrade to 18.04 later this year). > > I got Django running. > > Here it is: http://www.angeles4four.info:8000/ > > Before I log into my admin panel, I figure it’s best practices to set up HTTPS > first. But when I visit that URL, Chrome throws this message: > > > This site can’t provide a secure connection http://www.angeles4four.info > sent an invalid response. ERR_SSL_PROTOCOL_ERROR > > > And my shell on my server shows this message: > > [20/Jan/2018 23:54:39] "GET / HTTP/1.1" 200 16559 [21/Jan/2018 00:01:23] > code 400, message Bad request syntax > > ('\x16\x03\x01\x00Ì\x01\x00\x00È\x03\x03&6U\x10µ\x82\x97\x7f´8\x1e«\x0e¿ÿ§\x89æ\x82\r¢G§\x01ç°P%\x80)ÕÃ\x00\x00\x1c > * À+À/À,À0̨̩À\x13À\x14\x00\x9c\x00\x9d\x00/\x005\x00') [21/Jan/2018 > 00:01:23] *You're accessing the development server over HTTPS, but it only > supports HTTP.* > > > That’s because SSL isn’t set up. My current SSL Certificate Authority is Let’s > Encrypt. SSL is running properly for my public_html content but not for my > recent deployment of Django. > > I found some resources elsewhere on SO for setting up SSL with Django. > > In an SO post titled, “Configure SSL Certificate on Apache for Django > Application (mod_wsgi)”, a highly upvoted answer by Alexey Kuleshevich > suggests a template for 000-default.conf and default-ssl.conf for Apache > vhosts. See here: Configure SSL Certificate on Apache for Django Application > (mod_wsgi) > <https://stackoverflow.com/questions/32812570/configure-ssl-certificate-on-apache-for-django-application-mod-wsgi> > > I did my best to change up the suggested values and entries so that they refer > to my specific configuration. Here are what these two vhost configuration > files of mine look like now. > > /etc/apache2/sites-available/angeles4four.info-le-ssl.conf: > > | > <IfModulemod_ssl.c> > <VirtualHost*:443> > #ServerName http://www.example.com > ServerAdmin coffee.drinker.dan...@gmail.com > ServerName angeles4four.info > ServerAlias http://www.angeles4four.info > DocumentRoot /var/www/html/angeles4four.info/public_html > > > ErrorLog ${APACHE_LOG_DIR}/error.log > CustomLog ${APACHE_LOG_DIR}/access.log combined > > > # Django Application > Alias /static /var/www/html/angeles4four.info/public_html/Cel2FahConversion > <Directory/var/www/html/angeles4four.info/public_html/Cel2FahConversion> > Require all granted > </Directory> > <Directory/var/www/html/angeles4four.info/public_html/Cel2FahConversion> > <Fileswsgi.py> > Require all granted > </Files> > </Directory> > WGIDaemonProcess cel > python-path=/var/www/html/angeles4four.info/public_html/Cel2FahConversion/venv/bin/python3 > WSGIProcessGroup cel > WSGIScriptAlias / > /var/www/html/angeles4four.info/public_html/Cel2FahConversion/Cel2FahConversion/Cel2FahConversion/wsgi.py > > > SSLCertificateFile /etc/letsencrypt/live/angeles4four.info/cert.pem > SSLCertificateKeyFile /etc/letsencrypt/live/angeles4four.info/privkey.pem > Include /etc/letsencrypt/options-ssl-apache.conf > SSLCertificateChainFile /etc/letsencrypt/live/angeles4four.info/chain.pem > </VirtualHost> > </IfModule> > | > > > angeles4four.info.conf: > > | > Quote: > <VirtualHost*:80> > > > #ServerName http://www.example.com > serveradmincoffee.drinker.dan...@gmail.com > ServerNameangeles4four.info > ServerAliashttp://www.angeles4four.info > DocumentRoot/var/www/html/angeles4four.info/public_html > <Directory"/var/www/html/angeles4four.info/public_html"> > OptionsIndexesFollowSymlinks > AllowOverrideAll > Requireall granted > </Directory> > > > ErrorLog ${APACHE_LOG_DIR}/error.log > CustomLog${APACHE_LOG_DIR}/access.log combined > > > RewriteEngineon > RewriteCond%{SERVER_NAME}=angeles4four.info [OR] > RewriteCond%{SERVER_NAME}=www.angeles4four.info > RewriteRule^https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent] > </VirtualHost> > | > > No dice. I still get the same traceback as I initially shared. > > The next SO post I came across suggests modifying settings.py. Here it is: > Error "You're accessing the development server over HTTPS, but it only > supports HTTP" > <https://stackoverflow.com/questions/35536491/error-youre-accessing-the-development-server-over-https-but-it-only-supports/41444706> > > The upvoted suggestion here by YoYo is to modify session cookies and secure > SSL redirect. YoYo also recommends managing base, local, production settings > which doesn’t really apply to me. So I tried adding these three lines to my > settings.py: > > > | > SESSION_COOKIE_SECURE =True > CSRF_COOKIE_SECURE =True > SECURE_SSL_REDIRECT =True > | > > > My python3 manage.py runserver shell traceback still says: *“You're accessing > the development server over HTTPS, but it only supports HTTP.”* > > Any ideas? What else could I try? > > Thanks for your attention. > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com > <mailto:django-users+unsubscr...@googlegroups.com>. > To post to this group, send email to django-users@googlegroups.com > <mailto:django-users@googlegroups.com>. > Visit this group at https://groups.google.com/group/django-users. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/c0592c57-9a5a-4693-b685-80933643eb49%40googlegroups.com > <https://groups.google.com/d/msgid/django-users/c0592c57-9a5a-4693-b685-80933643eb49%40googlegroups.com?utm_medium=email&utm_source=footer>. > For more options, visit https://groups.google.com/d/optout. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/4d7c39e1-26da-ceb8-fd39-d33e8483ff34%40djangodeployment.com. For more options, visit https://groups.google.com/d/optout.
