如何通过HTTPS提供Django静态文件？

Question

访问通过HTTPS提供的静态文件时，出现404错误，但静态文件通过HTTP正常工作。

要清楚，我可以通过两种方式访问​​特定页面，例如http://domain.com/page和https://domain.com/page，但在HTTPS的情况下，图像将无法加载。

此外，直接访问图像http://domain.com/static/image.png的作品，但https://domain.com/static/image.png回报404

我使用的Apache2 mod_wsgi的运行Ubuntu 10.04和Django 1.3。

这里有相关的文件（WSGI和prod.conf和secure_prod.conf和settings.py）：

django.wsgi

import os 
import sys 
import site 

sys.stdout = sys.stderr # Allows use of print statements 

PROJECT_ROOT = '/home/code/domain/src/domain-project/' 
site_packages = '/home/code/domain/lib/python2.6/site-packages' 

site.addsitedir(os.path.abspath(site_packages)) 
sys.path.insert(0, PROJECT_ROOT) 
sys.path.insert(1, os.path.join(PROJECT_ROOT, "domain")) 
sys.path.insert(2, site_packages) 
os.environ['DJANGO_SETTINGS_MODULE'] = 'domain.settings' 
os.environ['PYTHON_EGG_CACHE'] = '/home/administrator/.python-eggs' 
os.environ["CELERY_LOADER"] = "django" 

import django.core.handlers.wsgi 
application = django.core.handlers.wsgi.WSGIHandler() 

# Load a monitor to automatically reload apache when files change 
import domain.monitor 
domain.monitor.start(interval=1.0) 

production.conf

<VirtualHost *:80> 

    # Admin email, Server Name (domain name) and any aliases 
    ServerAdmin d@domain.com 
    ServerName domain.com 
    ServerAlias *.domain.com 

    DocumentRoot /home/code/domain/src/domain-project/domain 
    LogLevel warn 
    WSGIDaemonProcess domain-production processes=5 maximum-requests=500 threads=100 
    WSGIProcessGroup domain-production 
    WSGIScriptAlias//home/code/domain/src/domain-project/apache/production.wsgi 

    SetEnv PYTHON_EGG_CACHE /home/apache/.python_eggs 

    Alias /admin/media /home/code/domain/lib/python2.6/site-packages/django/contrib/admin/media 
    Alias /site_media /home/code/domain/src/domain-project/static 
    Alias /static /home/code/domain/src/domain-project/static 
    Alias /robots.txt /home/code/domain/src/domain-project/static/robots.txt 
    Alias /favicon.ico /home/code/domain/src/domain-project/static/favicon.ico 

    <Location /admin/media> 
    SetHandler None 
    Order allow,deny 
    Allow from all 
    </Location> 

    <Location /site_media> 
    SetHandler None 
    Order allow,deny 
    Allow from all 
    </Location> 

    <LocationMatch "\.(jpg|gif|png|mp4)$"> 
    SetHandler None 
    </LocationMatch> 

    <LocationMatch "^/(robots\.txt|favicon\.ico|crossdomain\.xml)$"> 
    SetHandler none 
    </LocationMatch> 

    ErrorLog /var/log/apache2/domain/production_error.log 
    LogLevel info 
    CustomLog /var/log/apache2/domain/production_access.log combined 

</VirtualHost> 

secure_production .conf

<VirtualHost *:443> 

    ServerAdmin d@domain.com 
    ServerName domain.com 
    ServerAlias *.domain.com 

    DocumentRoot /home/code/domain/src/domain-project/domain 
    LogLevel warn 
    WSGIDaemonProcess domain-production processes=5 maximum-requests=500 threads=100 
    WSGIProcessGroup domain_production_secure 
    WSGIScriptAlias//home/code/domain/src/domain-project/apache/production.wsgi 

    SSLEngine on 
    SSLOptions +StrictRequire 

    <Directory /> 
     SSLRequireSSL 
    </Directory> 

    SSLProtocol -all +TLSv1 +SSLv3 
    SSLCipherSuite HIGH:MEDIUM:!aNULL:+SHA1:+MD5:+HIGH:+MEDIUM 

    SSLCertificateFile /home/code/domain/src/domain-project/apache/key/domain.COM.crt 
    SSLCertificateKeyFile /home/code/domain/src/domain-project/apache/key/domain.com.key 
    SSLCertificateChainFile /home/code/domain/src/domain-project/apache/key/Apache_Plesk_Install.txt 
    SSLVerifyClient none 
    SSLProxyEngine off 

    <IfModule mime.c> 
     AddType application/x-x509-ca-cert  .crt 
     AddType application/x-pkcs7-crl   .crl 
    </IfModule> 


    SetEnv PYTHON_EGG_CACHE /home/apache/.python_eggs 


    Alias /admin/media /home/code/domain/lib/python2.6/site-packages/django/contrib/admin/media 
    Alias /site_media /home/code/domain/src/domain-project/static 
    Alias /static /home/code/domain/src/domain-project/static 
    Alias /robots.txt /home/code/domain/src/domain-project/static/robots.txt 
    Alias /favicon.ico /home/code/domain/src/domain-project/static/favicon.ico 


    <Location /admin/media> 
     SetHandler None 
     Order allow,deny 
     Allow from all 
    </Location> 

    <Location /site_media> 
     SetHandler None 
     Order allow,deny 
     Allow from all 
    </Location> 

    <LocationMatch "\.(jpg|gif|png|mp4)$"> 
     SetHandler None 
    </LocationMatch> 

    <LocationMatch "^/(robots\.txt|favicon\.ico|crossdomain\.xml)$"> 
     SetHandler none 
    </LocationMatch> 

    ErrorLog /var/log/apache2/domain/production_secure_error.log 
    LogLevel info 
    CustomLog /var/log/apache2/domain/production_secure_access.log combined 

</VirtualHost> 

settings.py

# Django settings for domain project. 
import os 

DEBUG = False 
TEMPLATE_DEBUG = DEBUG 

# create a relative path to anything on the project from the PROJECT PATH 
SETTINGS_PATH = os.path.dirname(os.path.abspath(__file__)) 
PROJECT_PATH = os.path.join(*os.path.split(SETTINGS_PATH)[:-1]) 
rel = lambda * args: os.path.join(PROJECT_PATH, *args) 

# Absolute path to the directory static files should be collected to. 
# Don't put anything in this directory yourself; store your static files 
# in apps' "static/" subdirectories and in STATICFILES_DIRS. 
# Example: "/home/media/media.lawrence.com/static/" 
STATIC_ROOT = rel('..', 'static') 

# URL prefix for static files. 
# Example: "http://media.lawrence.com/static/" 
STATIC_URL = '/static/' 

# Additional locations of static files 
STATICFILES_DIRS = (
    # Put strings here, like "/home/html/static" or "C:/www/django/static". 
    # Always use forward slashes, even on Windows. 
    # Don't forget to use absolute paths, not relative paths. 
) 

# List of finder classes that know how to find static files in 
# various locations. 
STATICFILES_FINDERS = (
    'django.contrib.staticfiles.finders.FileSystemFinder', 
    'django.contrib.staticfiles.finders.AppDirectoriesFinder', 
# 'django.contrib.staticfiles.finders.DefaultStorageFinder', 
) 

# List of callables that know how to import templates from various sources. 
TEMPLATE_LOADERS = (
    'django.template.loaders.filesystem.Loader', 
    'django.template.loaders.app_directories.Loader', 
#  'django.template.loaders.eggs.Loader', 
) 

TEMPLATE_CONTEXT_PROCESSORS = (
    'django.contrib.auth.context_processors.auth', 
    'django.core.context_processors.debug', 
    'django.core.context_processors.i18n', 
    'django.core.context_processors.request', 
    'django.core.context_processors.static', 
) 


MIDDLEWARE_CLASSES = (
    'django.middleware.common.CommonMiddleware', 
    'django.contrib.sessions.middleware.SessionMiddleware', 
    'django.middleware.csrf.CsrfViewMiddleware', 
    'django.contrib.auth.middleware.AuthenticationMiddleware', 
    'django.contrib.messages.middleware.MessageMiddleware', 
) 

ROOT_URLCONF = 'domain.urls' 

TEMPLATE_DIRS = (
    # Put strings here, like "/home/html/django_templates" or "C:/www/django/templates". 
    # Always use forward slashes, even on Windows. 
    # Don't forget to use absolute paths, not relative paths. 
    rel('..', 'templates'), 
) 

DJANGO_APPS= [ 
    'django.contrib.auth', 
    'django.contrib.contenttypes', 
    'django.contrib.sessions', 
    'django.contrib.sites', 
    'django.contrib.messages', 
    'django.contrib.staticfiles', 
    'django.contrib.admin', 
] 

THIRDPARTY_APPS = [ 
    'djcelery', 
    'djkombu', 
    #'sentry', 
    #'sentry.client', 
    #'south', 
] 

domain_APPS= [] 

INSTALLED_APPS = DJANGO_APPS + THIRDPARTY_APPS + domain_APPS 

Answer 1

您还需要别名所有静态介质和管理文件。

目前你似乎对80和443端口进行服务Django的，但现场媒体只是在端口80上的别名规则和所在地段刚复制到secure_production.conf

Answer 2

你443虚拟主机不能被使用，因为如果它是mod_wsgi会抱怨有几个原因。第一个原因是'域生产'被多次用于WSGIDaemonProcess，而mod_wsgi将不允许这样做，因为名称在整个Apache实例中必须是唯一的。其次，443中的WSGIProcessGroup引用了'domain_production_secure'，其中没有WSGIDaemonProcess组指令。

您需要验证哪些文件正在被读取。你可以通过在文件中引入一个语法错误来做到这一点，并看看当你启动或进行配置测试时，Apache是​​否抱怨。

如果您正在修改要发布的内容，请尽量不要这样做，因为您所做的任何更改会改变其意义，从而使其更难以调试。

顺便说一下，你的配置已经继承了mod_wsgi不需要的某些东西，只需要mod_python。你应该回去修改mod_wsgi文档并清理这些东西。特别是SetEnv for Python egg cache不适用于mod_wsgi和SetHandler None不需要mod_wsgi。围绕Apache访问控制指令使用Location指令也是不好的做法。改为使用Directory指令将它们应用于物理目录。