I am trying to set up Flask to run on SSL, along with redirecting all HTTP traffic to HTTPS.
I am currently using Apache as a web server, and it is serving traffic on port 80 HTTP properly. However, when I move the configuration under the port 80 VirtualHost into the port 443 and set up redirection for port 80, redirection works but Apache keeps showing the Apache Test Page, and is not serving the Flask application. The error logs are not showing anything useful. The only error I see is Directory index forbidden by Options directive: /var/www/html. I don't even use /var/www/html, and I know this is mostly a warning for older browsers.
Here is my Apache virtual host set up:
LoadModule wsgi_module modules/mod_wsgi.so
WSGISocketPrefix run/wsgi
NameVirtualHost *:80
<VirtualHost *:80>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</VirtualHost>
NameVirtualHost *:443
<VirtualHost *:443>
SSLEngine on
SSLEngine on
SSLCertificateFile <<FILE PATH>>
SSLCertificateKeyFile <<FILE PATH>>
SSLCertificateChainFile <<FILE PATH>>
SSLProtocol all -SSLv2
SSLCipherSuite ALL:!ADH:!EXPORT:!SSLv2:RC4+RSA:+HIGH:+MEDIUM:+LOW
WSGIPassAuthorization On
WSGIDaemonProcess api processes=4 threads=1
WSGIProcessGroup api
WSGIScriptAlias / /usr/local/app/api/current/conf/application.wsgi
AddType text/html .py
<Directory /usr/local/app/api/current/>
Order deny,allow
Allow from all
</Directory>
</VirtualHost>
What is wrong with it? When I copy all the WSGI and Directory lines into port 80, and copy out 443, it works properly.
This question belongs to Super User.
Btw it's not Flask related.
You're missing DocumentRoot directive in your VirtualHost definition.
So Apache uses the default /var/www/html.
Checkout SSlify. Using this small flask extension all traffic gets redirected from HTTP to HTTPS.
All you have to do is to run the following when initializing your flask app:
from flask import Flask
from flask_sslify import SSLify
app = Flask(__name__)
sslify = SSLify(app)
Related
The current situation is that I have a flask app which runs like a charm if I send my requests to the IP address of the server or docker container.
The app runs in a docker container with ubuntu 18.04 and apache2.4.
This container is implemented in my local development environment where all other apps running in docker containers as well. All containers sharing the same network. So they are able to communicate.
The main problem is that the especially the container which includes the python app only responds if I call it by its IP address. If I call it by its domain name (docker-compose generated) the apache responds with a error 400 and bad request.
That means the container receives the request and led it to the apache but the apache cannot route it to the default virtualhost.
I've tried some things but nothing worked.
ServerName localhost and ServerAlias *
ServerName null and ServerAlias *
Without ServerName and ServerAlias
My current .conf is:
<VirtualHost *:80>
#ServerName null
#ServerAlias *
Options Indexes FollowSymLinks
WSGIDaemonProcess basicflaskapp user=bflaskappuser group=www-data threads=5
WSGIScriptAlias / /var/www/BasicFlaskApp/BasicFlaskApp.wsgi
<Directory /var/www/BasicFlaskApp>
WSGIProcessGroup basicflaskapp
WSGIApplicationGroup %{GLOBAL}
WSGIScriptReloading on
Options FollowSymLinks MultiViews
AllowOverride All
# For Apache 2.4
Require all granted
</Directory>
ErrorLog /var/www/BasicFlaskApp/error.log
</VirtualHost>
This is the one and only .conf. There is no other .conf which could be used.
That means for me that this .conf will be default.
I won't define a fixed domain name because it changed sometimes in my development and production development.
Does anybody has an idea how to fix this?
I have deployed my Django web app on a digital ocean droplet. The python server is running on port 8000.
python manage.py runserver 0.0.0.0:8000
I have configured apache web server to serve the requests.
/etc/apache2/sites-available/000-default.conf
<VirtualHost *:80>
ServerAdmin webmaster#localhost
DocumentRoot /etc/myproject
ErrorLog ${APACHE_LOG_DIR}/error.log
CustomLog ${APACHE_LOG_DIR}/access.log combined
#Serving static files
Alias /static/ /etc/myproject/static/
<Directory /etc/myproject/static>
Require all granted
</Directory>
<Directory /etc/myproject/myproject>
<Files wsgi.py>
Require all granted
</Files>
</Directory>
WSGIDaemonProcess myproject python-path=/etc/myproject python-home=/etc/myprojectenv
WSGIProcessGroup myproject
WSGIScriptAlias / /etc/myproject/myproject/wsgi.py
</VirtualHost>
Now when I am accessing my web app using the IP address X.X.X.X, I am able to see my app, however the app is also accessible on port 8000, X.X.X.X:8000.
I want to prevent my app from being accessed on any other port except being accessed ousing IP. How can I do that?
Okay I was missing a point here that I don't need to run Django server as well when I have configured Apache web server to serve my requests. All request are served by the mod_wsgi Apache module. The mod_wsgi package provides an Apache module that implements a WSGI compliant interface for hosting Python based web applications on top of the Apache web server.
I want to render my Django with jelatic.
I cloned my Django app on jelastic.
I configured my Postgres database and modified my settings.py so that my app is connecting to my database.
Finally to render my app I run this in the SSH : python manage.py runserver
And everything seems to work :
But I get this response on my browser:
Any help will be appreciated =)
The thing is that as we can see the site is started manually on the localhost (127.0.0.1) and on port 8000. Then there is a try to open the domain from the outside (despite the fact that the application is listening only on 127.0.0.1 localhost and only on port 8000). Obviously, nothing is opened in response because Apache is listening on port 80, which is not configured to work with this application (and the application itself is also not accessible from the outside).
In order for Apache + mod_wsgi to work successfully with this application, the application is not needed to be started manually as was done before, but it is needed to write a wsgi entry point similar to what is described here https://jelastic.com/blog/django-cms-installation-python-cloud-hosting/ (point 6 of manual installation).
So i found out how to modify apache server file to put your own django web app on Jelastic solution:
Go to the file : /etc/httpd/conf.d/wsgi.conf
Do these modification:
#---------- Put this in comment line ----------
#Alias /images /var/www/webroot/ROOT/images
#Alias /static /var/www/webroot/ROOT/static
#WSGIScriptAlias / ${WSGI_SCRIPT}
#WSGIProcessGroup apache
#---------- Add those code line ----------
WSGIScriptAlias / /path/to/mysite.com/mysite/wsgi.py
WSGIPythonHome /path/to/venv
WSGIPythonPath /path/to/mysite.com
<Directory /path/to/mysite.com/mysite>
<Files wsgi.py>
Order deny,allow
Allow from all
</Files>
</Directory>
Alias /media/ /path/to/mysite.com/media/
Alias /static/ /path/to/mysite.com/static/
<Directory /path/to/mysite.com/static>
Order deny,allow
Allow from all
</Directory>
<Directory /path/to/mysite.com/media>
Order deny,allow
Allow from all
</Directory>
I'm trying to host two different apps on different Virtual Hosts with different ports on Windows 10. Problem is that apache completely hangs after few requests from one app to another.
Hosting them on one Virtual Host with different paths seems to solve the problem, and so does disabling requests.
Both apps are Python Flask web servers.
httpd.conf
Listen 80
Listen 3000
ServerName localhost
<VirtualHost *:80>
WSGIScriptAlias / F:\path\to\server.wsgi
<Directory F:\path\to>
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:3000>
WSGIScriptAlias / F:\another\path\to\server.wsgi
<Directory F:\another\path\to>
Require all granted
</Directory>
</VirtualHost>
AcceptFilter http none
AcceptFilter https none
Seems that i found the solution:
If you using C modules in your apps then add this line inside VirtualHost
WSGIApplicationGroup %{GLOBAL}
Slow page loading on apache when using Flask
https://modwsgi.readthedocs.io/en/develop/user-guides/application-issues.html#python-simplified-gil-state-api
My Flask and mod_wsgi app seems to be breaking ports. Every month or so my page will stop loading and I get a "Google Chrome could not connect to " message, but moving it to a new port fixes it. I've checked the apache log and there doesn't seem to be anything wrong there. If I stop apache from listening to the port and run my dev version of the Flask app on one of the ports that the live version has previously used I get the same "Google Chrome could not connect to " message. While apache is listening Netstat shows that the port is being listened to by apache and lsof -i returns a bunch of apache processes that are using the port. I'm not sure if any of that is normal for mod_wsgi. If I remove the port from apache both netstat and lsof return nothing but the port still doesn't work for mod_wsgi or flask.
Here is the mod_wsgi part of my config file with the ip, domain, and user/group changed
<VirtualHost 0.0.0.0:8880>
ServerName test.example.com
DocumentRoot /var/www/html
WSGIDaemonProcess dash user=user group=group threads=5
WSGIScriptAlias / /var/www/html/dash/dashboard.wsgi
<Directory /var/www/html/dash>
WSGIProcessGroup dash
WSGIApplicationGroup %{GLOBAL}
Order deny,allow
Allow from all
</Directory>
# records regular flask errors
ErrorLog /var/www/html/dash/error.log
LogLevel warn
Here is my wsgi file
import os
import sys
# location of flask app
sys.path.insert(0, '/var/www/flask/dashboard')
from dashboard import app as application
# logs python errors at production.log
if not application.debug:
import logging
this_dir = os.path.dirname(__file__)
log_file = os.path.join(this_dir, 'production.log')
file_handler = logging.FileHandler(log_file)
file_handler.setLevel(logging.WARNING)
application.logger.addHandler(file_handler)
Rewriting the virtual host without an ip address seems to have fixed the issue.
<VirtualHost *:8880>
Thanks to the mod_wsgi user group who found the answer [https://groups.google.com/forum/#!forum/modwsgi][1]