Django Deployment: Error 403 Forbidden You don't have permission to access / on this server

Question

I'm currently deploying my Django app into a CentOS 7 Server (CentOS Linux release 7.8.2003) based on Django documentation here. But I encounter this problem (Error 403) stated in the error log below.

Things to take note:

1. Yes, I was able to run the server through a virtual environment port 8000.

2. The database I'm using is mysql (guide).

3. Does this have any relation with the access permission set for apache? As for now, I have set the permission for apache as below:

sudo chown :apache colus_cafe/
sudo chown -R :apache colus_cafe/colus_cafe/media

4. Python version 3.6.8 & WSGI python36-mod_wsgi.x86_64 (guide).
5. What have I tried: Will be updated based on given answer
   • remove and reinstall virtual environment.

/etc/httpd/conf.d/django.conf:

Alias /static /home/colus/colus_cafe/colus_cafe/static
<Directory /home/colus/colus_cafe/colus_cafe/static>
        Require all granted
</Directory>

Alias /media /home/colus/colus_cafe/colus_cafe/media
<Directory /home/colus/colus_cafe/colus_cafe/media>
        Require all granted
</Directory>

<Directory /home/colus/colus_cafe/colus_cafe>                                                                       
        <Files wsgi.py>
            Require all granted
    </Files>
</Directory>

WSGIScriptAlias / /home/colus/colus_cafe/colus_cafe/wsgi.py
WSGIDaemonProcess colus_cafe_app python-home=/home/colus/colus_cafe/env python-path=/home/colus/colus_cafe
WSGIProcessGroup colus_cafe_app

/etc/httpd/logs/error_log

Current thread 0x00007fee066d6880 (most recent call first):                                                          

[Wed Jul 08 07:11:09.691137 2020] [mpm_prefork:notice] [pid 10044] AH00170: caught SIGWINCH, shutting down gracefully
[Wed Jul 08 07:11:10.768060 2020] [core:notice] [pid 10231] SELinux policy enabled; httpd running as context system_$
[Wed Jul 08 07:11:10.769024 2020] [suexec:notice] [pid 10231] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/$[Wed Jul 08 07:11:10.789925 2020] [so:warn] [pid 10231] AH01574: module wsgi_module is already loaded, skipping      
[Wed Jul 08 07:11:10.793580 2020] [lbmethod_heartbeat:notice] [pid 10231] AH02282: No slotmem from mod_heartmonitor  
[Wed Jul 08 07:11:10.796988 2020] [mpm_prefork:notice] [pid 10231] AH00163: Apache/2.4.6 (CentOS) mod_wsgi/4.6.2 Pyt$[Wed Jul 08 07:11:10.797021 2020] [core:notice] [pid 10231] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'   
[Wed Jul 08 07:11:10.798024 2020] [wsgi:warn] [pid 10232] (13)Permission denied: mod_wsgi (pid=10232): 
Unable to stat Python home /home/colus/colus_cafe/env. 
Python interpreter may not be able to be initialized correctly. 
Verify the supplied path and access permissions for whole of the path. 
Fatal Python error: Py_Initialize: Unable to get the locale encoding                                           
ModuleNotFoundError: No module named 'encodings'

Answer 1

Based on Maarten's comment, I have found the answer for this problem.

1. I need to change the access permissions of apache to read and execute the django project folder by using chmod. However, this later shows another problem below.

/etc/httpd/logs/error_log

failed to map segment from shared object permission denied mysql.

2. Then I found out the error shows that Python (in the virtual environment) is unable to execute the packages (mysqlclient). Hence, the solution can be found here, which to change the security context of “httpd_sys_script_exec_t” which allows Apache to execute.

I hope this helps anyone who encounters this problem. And if there are any bad practices or mistakes that I have made, please do leave a comment.

Thank you and have a nice day.