1、前期准备工作:
<1>、上线前的检查工作。
python manage.py check --deploy
<2>、将DEBUG设置为False并配置ALLOWED_HOSTS。
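# Production must run with DEBUG off: debug error pages expose settings,
# file paths and stack traces to anyone who triggers an error.
DEBUG = False
# ALLOWED_HOSTS is the allow-list Django checks the request's Host header against.
# ['*'] turns that check off, which leaves the site open to Host-header
# spoofing (e.g. poisoned links in password-reset mails).
# 'your-domain.example' is a placeholder: list the real domain name(s) here.
ALLOWED_HOSTS = ['your-domain.example']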
<3>、安全相关的配置
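# HSTS: tells browsers to reach this site over HTTPS only. 3600 s (one hour) is a
# cautious rollout value; raise it (commonly to 31536000, one year) once HTTPS is
# confirmed to work for the whole site.
SECURE_HSTS_SECONDS = 3600
# Extends the HSTS policy to every subdomain, so each of them must already serve HTTPS.
SECURE_HSTS_INCLUDE_SUBDOMAINS = True
# The preload directive only makes sense with a long max-age (browser preload
# lists require at least one year) and is slow to undo, so it stays off while
# SECURE_HSTS_SECONDS is still a short test value.
SECURE_HSTS_PRELOAD = False
# Redirects plain-HTTP requests to HTTPS. Behind a TLS-terminating reverse proxy,
# Django also has to be told how to recognise a secure request
# (SECURE_PROXY_SSL_HEADER), otherwise this setting can produce a redirect loop.
# Only trust such a header if the proxy always sets or strips it itself.
SECURE_SSL_REDIRECT = True
# Sends "X-Content-Type-Options: nosniff" so the browser does not guess (sniff)
# a content type and end up executing an uploaded or static file as script.
SECURE_CONTENT_TYPE_NOSNIFF = True
# Sends the legacy "X-XSS-Protection" header. Modern browsers ignore it and
# Django 4.0 removed this setting, so it is not a defence against script
# injection on its own: rely on template auto-escaping and a Content-Security-Policy.
SECURE_BROWSER_XSS_FILTER = True
# Session and CSRF cookies are sent over HTTPS connections only.
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
# Forbids rendering the site inside any frame (clickjacking protection);
# applied by Django's XFrameOptionsMiddleware.
X_FRAME_OPTIONS = 'DENY'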
<4>、借助第三方库(dynaconf)管理敏感信息(例如SECRET_KEY、数据库密码):这类值应从环境变量或未纳入版本控制的配置文件中读取,不要硬编码在settings.py中。
pip install dynaconf
<5>、uWSGI的配置
pip install uwsgi
; uwsgi.ini - standalone mode: uWSGI itself answers HTTP requests.
[uwsgi]
; Built-in HTTP listener. Bound to loopback, so it is reachable from this host only.
http=127.0.0.1:8080
; Project directory uWSGI changes into before loading the application.
chdir = /Users/USer/Desktop/外卖APP/Django-Axf
; WSGI entry point of the Django project (presumably resolved relative to chdir).
wsgi-file=LwdAxf/wsgi.py
; 4 worker processes with 2 threads each.
processes=4
threads=2
; Run a master process that supervises the workers.
master=True
; PID file; this is the file passed to "uwsgi --stop uwsgi.pid".
pidfile=uwsgi.pid
; Run in the background and write the log to this file. The log can contain
; request details, so keep it readable by the service account only.
daemonize=uwsgi.log
; Left empty on this page: fill in the path of the project's virtualenv.
virtualenv=
uwsgi --ini uwsgi.ini
uwsgi --stop uwsgi.pid
<6>、Nginx+uwsgi的配置
uwsgi配置
; uwsgi.ini - behind Nginx: uWSGI is reached only through the reverse proxy.
[uwsgi]
; "socket" speaks the binary uwsgi protocol, not HTTP. The Nginx side therefore
; has to forward with uwsgi_pass (plus "include uwsgi_params"); an HTTP
; proxy_pass pointed at this port will not work.
; Bound to loopback, so only the local Nginx can connect.
socket=127.0.0.1:8080
; Project directory uWSGI changes into before loading the application.
chdir = /Users/USer/Desktop/外卖APP/Django-Axf
; WSGI entry point of the Django project (presumably resolved relative to chdir).
wsgi-file=LwdAxf/wsgi.py
; 4 worker processes with 2 threads each.
processes=4
threads=2
; Run a master process that supervises the workers.
master=True
; PID file, used to stop the server later.
pidfile=uwsgi.pid
; Run in the background and write the log to this file. The log can contain
; request details, so keep it readable by the service account only.
daemonize=uwsgi.log
; Left empty on this page: fill in the path of the project's virtualenv.
virtualenv=
Nginx配置
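events {
    ....
}
http {
    ...
    # Backend pool. The address is a placeholder and must match the "socket="
    # value in uwsgi.ini.
    upstream uwsgi {
        server xxx.xxx.xxx.xxx:xxxx;
    }
    server {
        # Plain HTTP only. With SECURE_SSL_REDIRECT = True Django redirects every
        # HTTP request to HTTPS, so a TLS server block (listen 443 ssl plus a
        # certificate) is needed as well; it is not shown on this page.
        listen 80;
        # Replace with the real domain name(s), the same ones listed in ALLOWED_HOSTS.
        server_name localhost;
        charset utf-8;
        # "main" has to be defined by a log_format directive in the elided part above.
        access_log logs/host.access.log main;
        location / {
            # uWSGI's "socket=" option speaks the uwsgi protocol, not HTTP, so the
            # request is forwarded with uwsgi_pass instead of proxy_pass.
            include uwsgi_params;
            uwsgi_pass uwsgi;
        }
        # Trailing slash on both the location and the alias: a bare "/static"
        # prefix also matches sibling URIs, and a mismatched pair lets a request
        # resolve to a path outside the static directory.
        location /static/ {
            alias /静态资源路径/;
        }
        # Exact match for the site root only; "ip:port" is a placeholder.
        location = / {
            proxy_pass http://ip:port;
        }
    }
}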
如何收集django中的静态资源
STATIC_ROOT = 收集静态文件路径
python manage.py collectstatic
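# Serve the files gathered by collectstatic (the STATIC_ROOT directory).
# Trailing slash on both the location and the alias: a bare "/static" prefix
# also matches sibling URIs, and a mismatched pair lets a request resolve to a
# path outside the static directory.
location /static/ {
    alias /静态文件路径/;
}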