启用 SSL 后被禁止

tag-icon tag-icon apache-2.4 django certbot
启用 SSL 后被禁止

我最近使用 LetsEncrypt 的 Certbot 在我的服务器上启用 SSL。它在 Ubuntu 16.04 上运行 Apache 2.4.18 和 Django 1.11。如前所述这里,我在同一文件中复制了 443 的 :80 VirtualHost 定义。现在,每当我尝试通过 HTTPS 访问我的网站时,都会收到 403 Forbidden 错误。以下是我当前的网站配置文件,经过了轻度匿名化:

WSGIApplicationGroup %{GLOBAL}
WSGIDaemonProcess MyApp python-home=/home/Administrator/Documents/MyRepo/MyRepo_env python-path=/home/administrator/Documents/MyRepo/MyApp
WSGIProcessGroup MyApp

<VirtualHost *:80>
        ServerName myapp.com

        ServerAdmin [email protected]
        DocumentRoot /var/www/html

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        Alias /static /home/administrator/Documents/MyRepo/MyApp/static
        <Directory /home/administrator/Documents/MyRepo/MyApp/static>
                Require all granted
        </Directory>

        <Directory /home/administrator/Documents/MyRepo/MyApp/MyApp>
                <Files wsgi.py>
                        Require all granted
                </Files>
        </Directory>

        WSGIScriptAlias / /home/administrator/Documents/MyRepo/MyApp/MyApp/wsgi.py

RewriteEngine on
RewriteCond %{SERVER_NAME} =myapp.com
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

<VirtualHost *:443>
        ServerName myapp.com

        ServerAdmin [email protected]
        DocumentRoot /var/www/html

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined

        Alias /static /home/administrator/Documents/MyRepo/MyApp/static
        <Directory /home/administrator/Documents/MyRepo/MyApp/static>
                Require all granted
        </Directory>

        <Directory /home/administrator/Documents/MyRepo/MyApp/MyApp>
                <Files wsgi.py>
                        Require all granted
                </Files>
        </Directory>

        <Directory /var/www/html>
                Require all granted
        </Directory>
        WSGIScriptAlias / /home/administrator/Documents/MyRepo/MyApp/MyApp.wsgi.py

SSLCertificateFile /etc/letsencrypt/live/myapp.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/myapp.com/privkey.pem
Include /etc/letsencrypt/options-ssl-apache.conf
</VirtualHost>

# vim: syntax=apache ts=4 sw=4 sts=4 sr noet

Apache 日志中唯一显示的内容是client denied by server configuration: /home/administrator/Documents/MyRepo/MyApp/MyApp.wsgi.py

我需要修改哪些权限或需要更改哪些设置才能使其通过 SSL 工作?

答案1

好吧,这真是令人沮丧。问题最终归结为我的第二个 VirtualHost 定义中的一个简单拼写错误。具体来说,WSGIScriptAliasWSGIScriptAlias / /home/administrator/Documents/MyRepo/MyApp/MyApp/wsgi.py不应该是 。唯一的区别是在最后的和WSGIScriptAlias / /home/administrator/Documents/MyRepo/MyApp/MyApp.wsgi.py之间有一个句号,而这里应该有一个斜线。希望其他人能读到这篇文章,省去数小时无意义的调试时间。MyAppwsgi.py

相关内容