Forums

Placing code outside of document root problems with Apache and Django

Hello all,

In the Django docs they mention the following,

Where should this code live?

If your background is in plain old PHP (with no use of modern frameworks), youre probably used to putting code under the Web servers document root (in a place such as /var/www). With Django, you dont do that. Its not a good idea to put any of this Python code within your Web servers document root, because it risks the possibility that people may be able to view your code over the Web. Thats not good for security.

Put your code in some directory outside of the document root, such as /home/mycode.

I am deploying my first django app and hate to admit that this is confusing the heck out of me. I read the topic on stack overflow concerning this topic and I am still having trouble with it. https://stackoverflow.com/questions/19389083/placing-code-outside-of-document-root-problems-with-apache-and-django

I have read both the python anywhere deployment procedures and the django girls and both do not mention this. What steps do I need to take when deploying my app to make sure my python code is not available to the public.

Additionally, I am a little confused about the relationship between NGINX and django. I edited the WSGI file as described in https://help.pythonanywhere.com/pages/DeployExistingDjangoProject

Is that all I need to do?! I thought that getting NGINX set up would be more involved.

Thanks for the help!

You could actually do either on PythonAnywhere. We actually do all the nginx/uWSGI stuff for you, so you don't actually need to do anything.

By default, we do put your webapp in /home/your-user-name/your-webapp-name, but you just need to specify an alternative path in the uWSGI.py file to say put your webapp in /var/www.