Hi there,
I am backpedalling a bit from my previous attempt to chroot mod_wsgi -
instead, for now, just to get this Django application running, for
simplicity, I am going to start out with just running it as a daemon as a
restricted user.
In doing the final testing of my application on various browsers, I have
noticed some strange problems.
When I run Django/mod_wsgi/Apache on port 80 (same config as below, minus
the mod_ssl stuff) or use the django development runserver 0.0.0.0:80, and
disable the following settings in settings.py (#SESSION_COOKIE_SECURE =
True #CSRF_COOKIE_SECURE = True) these browsers work correctly in the app.
However, when running Django application running through mod_wsgi and
HTTPS/port 443 in Apache, I see problems with both IE and Safari browsers.
After login on Internet Explorer, page timeouts occur in various
locations, reporting "This page can't be displayed". On Safari, the app
won't get past the secondary Duo MFA authentication step, saying "Server
unexpectedly dropped the connection." It is not a consistent behavior - seems
to happen more frequently if I click quickly through links. Sometimes if
I wait long enough to click, it might work momentarily, but then not again
a moment later. This behavior does NOT happen using Chrome or Firefox
browsers on any OS.
Apache config:
<IfModule mod_ssl.c>
<VirtualHost *:443>
ServerName **redacted**
#Django WSGI - Daemon
WSGIScriptAlias / /var/www/transfergateway/myproject/apache/wsgi.py
WSGIProcessGroup file-xfer
WSGIDaemonProcess file-xfer user=mod_wsgi group=mod_wsgi
processes=2 threads=25 python-path=/var/www/transfergateway
<Directory /var/www/transfergateway/myproject/apache>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
</Directory>
Alias /robots.txt /var/www/transfergateway/myproject/myapp/static/robots.txt
Alias /favicon.ico
/var/www/transfergateway/myproject/myapp/static/favicon.ico
AliasMatch ^/([^/]*\.css)
/var/www/transfergateway/myproject/myapp/static/styles/$1
Alias /media/ /var/www/transfergateway/myproject/myapp/media/
Alias /static/ /var/www/transfergateway/myproject/myapp/static/
<Directory /var/www/transfergateway/myproject/myapp/static>
Order deny,allow
Allow from all
</Directory>
<Directory /var/www/transfergateway/myproject/myapp/media>
Order deny,allow
Allow from all
</Directory>
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
SSLEngine on
SSLCertificateFile /etc/ssl/certs/***
SSLCertificateKeyFile /etc/ssl/private/**
SSLCertificateChainFile /etc/ssl/certs/**
SSLCipherSuite HIGH:!aNULL:!MD5
</VirtualHost>
</IfModule>
So, I'm concluding that the HTTPS problem is one of two things: how I am
configuring mod_wsgi with HTTPS, or some issue inside the Django code (but
HTTPS works on some browsers with no issues, so I'm stumped...)
Is there anything special that I need to do in mod_wsgi or the Django
application itself, in order to make the application HTTPS only? (I am not
a Python or Django developer, so I would be passing info on to the actual
application developer for resolution.) Any ideas?
thank you,
Jennifer
--
You received this message because you are subscribed to the Google Groups
"modwsgi" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/modwsgi.
For more options, visit https://groups.google.com/d/optout.
