Deploy Django application to IIS through HttpPlatform


IIS (Internet Information Services) is a web server that runs on the Microsoft .NET platform. There are a few ways to deploy a Django application to IIS. This post explains how to deploy a Django application to IIS through HttpPlatform.

Install HttpPlatformHandler

The download link is here: https://www.iis.net/downloads/microsoft/httpplatformhandler

Create a new site in IIS

When we create a new site, the physical path should be the root directory of your Django application.

web.config

Go to the project folder and create a web.config file at the root of the application (alongside manage.py):

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
    <handlers>
      <add name="PythonHandler" path="*" verb="*" modules="httpPlatformHandler" resourceType="Unspecified" />
    </handlers>
    <httpPlatform processPath="path\to\virtual_environment\Scripts\python.exe"
                  arguments="manage.py runserver %HTTP_PLATFORM_PORT% --noreload"
                  startupTimeLimit="20"
                  startupRetryCount="10"
                  stdoutLogEnabled="true"
                  stdoutLogFile=".\logs\serverlog">
      <environmentVariables>
        <environmentVariable name="SERVER_PORT" value="%HTTP_PLATFORM_PORT%" />
        <environmentVariable name="PYTHON_PATH" value="path\to\project" />
      </environmentVariables>
    </httpPlatform>
  </system.webServer>
</configuration>

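The <handlers> section indicates that we are using httpPlatformHandler.

In the <httpPlatform> section, processPath is the Python interpreter inside the virtual environment, and arguments is the command that runs this Django application. Note that the Django documentation describes runserver as a development server that has not gone through security audits or performance tests, so a production site should start a production server from arguments instead.

Under <environmentVariables>, we set SERVER_PORT and PYTHON_PATH. PYTHON_PATH is the location of your Django project folder.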
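
As an added example (not part of the original post), the following Python script audits the <httpPlatform> element of a web.config like the one above before it is deployed. The sample input is constructed from the config on this page; the function name audit and the particular checks are assumptions of this example.

```python
import xml.etree.ElementTree as ET
from pathlib import PureWindowsPath

# Constructed sample: the <httpPlatform> part of the web.config shown on this page.
SAMPLE = r"""<?xml version="1.0" encoding="UTF-8"?>
<configuration>
  <system.webServer>
    <httpPlatform processPath="path\to\virtual_environment\Scripts\python.exe"
                  arguments="manage.py runserver %HTTP_PLATFORM_PORT% --noreload"
                  stdoutLogEnabled="true"
                  stdoutLogFile=".\logs\serverlog" />
  </system.webServer>
</configuration>"""


def audit(config_xml: str) -> list[str]:
    """Return a list of findings for the <httpPlatform> element of a web.config."""
    root = ET.fromstring(config_xml.encode("utf-8"))
    hp = root.find("system.webServer/httpPlatform")
    if hp is None:
        return ["no <httpPlatform> element found"]
    findings = []

    # An absolute path makes it unambiguous which interpreter IIS launches.
    process = hp.get("processPath", "")
    if not PureWindowsPath(process).is_absolute():
        findings.append(f"processPath is not an absolute path: {process}")

    # Django documents runserver as a development server, not for production use.
    arguments = hp.get("arguments", "")
    if "runserver" in arguments.split():
        findings.append("arguments start Django's development server (runserver)")
    # The backend has to listen on the port HttpPlatformHandler assigns.
    if "%HTTP_PLATFORM_PORT%" not in arguments:
        findings.append("arguments do not pass %HTTP_PLATFORM_PORT% to the process")

    # stdout logging writes files, so its folder needs Write for the app pool identity.
    if hp.get("stdoutLogEnabled", "false").lower() == "true":
        log_dir = PureWindowsPath(hp.get("stdoutLogFile", "")).parent
        findings.append(f"stdout logging is on: the app pool identity needs Write on '{log_dir}'")
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print("-", finding)
```
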

Permission

Application identity

Once the site is created, IIS will create a new application pool for this site. Click Application Pools in the left panel and find the application pool for this site. Right-click the application pool and select Advanced Settings. Make sure ApplicationPoolIdentity is selected in the Identity section, as shown below:

IIS runs applications in different application pools. The recommended identity is ApplicationPoolIdentity, which is the lowest-privilege account. Although we can use LocalSystem to get rid of the trouble caused by permissions, it is too dangerous to use in a production environment.

In the Load User Profile section, select True, as shown in the previous image.

Folder permission

We also need to change the permissions of the folders and files used by IIS. IIS has a user account named IIS_IUSRS. We need to give this account permission to access the folders and files.

The places where we need to change permissions are:

  • The root folder of the project
  • The folder of virtual environment
  • The folder of python
  • Other folders and files that are used by the project

Note: Be careful with the file/folder permissions. Usually, we just need the “Read & execute”, “List folder contents” and “Read” permissions. Sometimes we may need the “Write” permission if the application needs to create logs or perform other write tasks; in that case, grant it only on the folders that are actually written to. Incorrect permissions may cause the site to load indefinitely.

Microsoft ADFS

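When using Microsoft ADFS for authentication, the request will be redirected to a URL generated by django_auth_adfs. We have to make sure that this URL contains https, otherwise it won’t be recognized by Microsoft Azure. To make this happen, we should add the following setting to settings.py. The Django documentation warns that this setting is only safe when the proxy in front of Django strips any X-Forwarded-Proto header sent by the client and sets it itself; otherwise a client can make a plain HTTP request look secure.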

SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')

Static files

When deploying a Django application to IIS, the uvicorn server won’t recognize the static file folder mentioned in settings.py. To serve static files, we need to create another web.config file in the static file folder, which is generated by the collectstatic command.

<configuration>
  <system.webServer>
    <handlers>
      <clear />
      <add
        name="StaticFile"
        path="*" verb="*"
        modules="StaticFileModule,DefaultDocumentModule,DirectoryListingModule"
        resourceType="Either"
        requireAccess="Read" />
    </handlers>
    <staticContent>
      <mimeMap fileExtension=".*" mimeType="application/octet-stream" />
    </staticContent>
  </system.webServer>
</configuration>

Then select the static folder in IIS and click Authentication. Make sure Anonymous Authentication is enabled. Right-click Anonymous Authentication and select Edit. Make sure Application pool identity is selected.

Note: We should select Authentication for the static folder, not for the site.

After this, we should be able to launch the site.
