Django Aug 8th 2024

How to Enable HTTPS for Your Django Project on an Ubuntu VPS with Apache: A Comprehensive Guide

T o secure your Django application with HTTPS, clean up your Apache configuration file by removing unrelated code. Then, move your Django settings to a Virtual Host configuration for port 443, including SSL directives. This ensures your application is served securely over HTTPS.

Optimize Your Apache Configuration for Django HTTPS:
Securing your Django project with HTTPS on an Ubuntu VPS using Apache is crucial for safeguarding user data and enhancing site trustworthiness. This guide walks you through the steps to enable HTTPS, including installing Certbot, configuring Apache, and setting up SSL certificates. We’ll cover how to access your server via SSH, install necessary tools, configure Apache for both HTTP and HTTPS, and verify your SSL installation. Follow this detailed tutorial to ensure a secure and smooth browsing experience for your users.

Step-by-Step Guide:

1. Access Your Remote Server via SSH:

ssh -p PORT USERNAME@HOSTIP

2. Update Your Package List:

sudo apt update

3. Install Certbot and Apache Plugin: Certbot automates SSL certificate installation. Use:

sudo apt install certbot python3-certbot-apache

4. Configure Apache Virtual Host for HTTP:

To enhance the security of your Django application by enabling HTTPS, follow these steps to modify your Apache configuration:

sudo vi /etc/apache2/sites-available/django.amankhalsa.in.conf
Edit Your Apache Configuration File:
Open your Apache configuration file for editing. You'll want to streamline the configuration by removing any extraneous code that precedes the settings for your Django project.

Organize Your Virtual Host Configurations:
Move your Django project-specific configurations to a new Virtual Host section for port 443. This will enable HTTPS for your application. Ensure that the SSL directives and other HTTPS-related settings are correctly included in this section.
Add the following configuration for HTTP:


<VirtualHost *:80>
    ServerAdmin admin@django.amankhalsa.in
    ServerName django.amankhalsa.in
    DocumentRoot /var/www/django.amankhalsa.in/django_personal

    RewriteEngine on
    RewriteCond %{SERVER_NAME} =django.amankhalsa.in
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

5. Configure Apache Virtual Host for HTTPS: Add the following SSL configuration:

<IfModule mod_ssl.c>
<VirtualHost *:443>
    ServerAdmin admin@django.amankhalsa.in
    ServerName django.amankhalsa.in
    DocumentRoot /var/www/django.amankhalsa.in/django_personal

    Alias /static /var/www/django.amankhalsa.in/django_personal/staticfiles
    <Directory /var/www/django.amankhalsa.in/django_personal/staticfiles>
        Require all granted
    </Directory>

    Alias /media /var/www/django.amankhalsa.in/django_personal/media
    <Directory /var/www/django.amankhalsa.in/django_personal/media>
        Require all granted
    </Directory>

    <Directory /var/www/django.amankhalsa.in/django_personal/postfolio>
        <Files wsgi.py>
            Require all granted
        </Files>
    </Directory>

    WSGIDaemonProcess django_personal python-path=/var/www/django.amankhalsa.in/django_personal python-home=/var/www/django.amankhalsa.in/django_personal/my_env
    WSGIProcessGroup django_personal
    WSGIScriptAlias / /var/www/django.amankhalsa.in/django_personal/postfolio/wsgi.py

    ErrorLog ${APACHE_LOG_DIR}/django_amankhalsa_error.log
    CustomLog ${APACHE_LOG_DIR}/django_amankhalsa_access.log combined

    SSLCertificateFile /etc/letsencrypt/live/django.amankhalsa.in-0001/fullchain.pem
    SSLCertificateKeyFile /etc/letsencrypt/live/django.amankhalsa.in-0001/privkey.pem
    Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>
</IfModule>
Adjust Firewall Settings: If you have a firewall installed, you'll need to allow HTTPS traffic. Use the following commands to update your firewall rules:
sudo ufw allow 'Apache Full'
sudo ufw delete allow 'Apache'
These commands ensure that your firewall allows HTTPS traffic through port 443, while also removing any previous rules that might have allowed only HTTP traffic.

6. Test Apache Configuration and Reload:

sudo apache2ctl configtest
sudo systemctl reload apache2

7. Obtain and Install the SSL Certificate: Run Certbot to configure your SSL certificate:

sudo certbot --apache

Follow the prompts for email and domain information.

8. Verify SSL Certificate Renewal:

Check Certbot status and perform a dry run:

sudo systemctl status certbot.timer
sudo certbot renew --dry-run
Apply permission 
Working after this  below command 

1. Update Database File Permissions
Assuming your SQLite database is named db.sqlite3:

bash
Copy code
sudo chmod 664 /var/www/django.amankhalsa.in/django_personal/db.sqlite3
sudo chown www-data:www-data /var/www/django.amankhalsa.in/django_personal/db.sqlite3
2. Update Directory Permissions
Set the correct permissions on the project directory:

bash
Copy code
sudo chmod 775 /var/www/django.amankhalsa.in/django_personal
sudo chown www-data:www-data /var/www/django.amankhalsa.in/django_personal
After adjusting the permissions, try accessing the admin panel again to see if the error is resolved.


0 Comments
Leave a Comment

Video

Categories

Tags