<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Deployment checklist — Django 1.6.7 documentation</title>
<link rel="stylesheet" href="../../_static/default.css" type="text/css" />
<link rel="stylesheet" href="../../_static/pygments.css" type="text/css" />
<script type="text/javascript">
var DOCUMENTATION_OPTIONS = {
URL_ROOT: '../../',
VERSION: '1.6.7',
COLLAPSE_INDEX: false,
FILE_SUFFIX: '.html',
HAS_SOURCE: true
};
</script>
<script type="text/javascript" src="../../_static/jquery.js"></script>
<script type="text/javascript" src="../../_static/underscore.js"></script>
<script type="text/javascript" src="../../_static/doctools.js"></script>
<link rel="top" title="Django 1.6.7 documentation" href="../../index.html" />
<link rel="up" title="Deploying Django" href="index.html" />
<link rel="next" title="Upgrading Django to a newer version" href="../upgrade-version.html" />
<link rel="prev" title="How to use Django with FastCGI, SCGI, or AJP" href="fastcgi.html" />
<script type="text/javascript" src="../../templatebuiltins.js"></script>
<script type="text/javascript">
(function($) {
if (!django_template_builtins) {
// templatebuiltins.js missing, do nothing.
return;
}
$(document).ready(function() {
// Hyperlink Django template tags and filters
var base = "../../ref/templates/builtins.html";
if (base == "#") {
// Special case for builtins.html itself
base = "";
}
// Tags are keywords, class '.k'
$("div.highlight\\-html\\+django span.k").each(function(i, elem) {
var tagname = $(elem).text();
if ($.inArray(tagname, django_template_builtins.ttags) != -1) {
var fragment = tagname.replace(/_/, '-');
$(elem).html("<a href='" + base + "#" + fragment + "'>" + tagname + "</a>");
}
});
// Filters are functions, class '.nf'
$("div.highlight\\-html\\+django span.nf").each(function(i, elem) {
var filtername = $(elem).text();
if ($.inArray(filtername, django_template_builtins.tfilters) != -1) {
var fragment = filtername.replace(/_/, '-');
$(elem).html("<a href='" + base + "#" + fragment + "'>" + filtername + "</a>");
}
});
});
})(jQuery);
</script>
</head>
<body>
<div class="document">
<div id="custom-doc" class="yui-t6">
<div id="hd">
<h1><a href="../../index.html">Django 1.6.7 documentation</a></h1>
<div id="global-nav">
<a title="Home page" href="../../index.html">Home</a> |
<a title="Table of contents" href="../../contents.html">Table of contents</a> |
<a title="Global index" href="../../genindex.html">Index</a> |
<a title="Module index" href="../../py-modindex.html">Modules</a>
</div>
<div class="nav">
« <a href="fastcgi.html" title="How to use Django with FastCGI, SCGI, or AJP">previous</a>
|
<a href="../index.html" title="&#8220;How-to&#8221; guides" accesskey="U">up</a>
|
<a href="../upgrade-version.html" title="Upgrading Django to a newer version">next</a> »</div>
</div>
<div id="bd">
<div id="yui-main">
<div class="yui-b">
<div class="yui-g" id="howto-deployment-checklist">
<div class="section" id="s-deployment-checklist">
<span id="deployment-checklist"></span><h1>Deployment checklist<a class="headerlink" href="#deployment-checklist" title="Permalink to this headline">¶</a></h1>
<p>The Internet is a hostile environment. Before deploying your Django project,
you should take some time to review your settings, with security, performance,
and operations in mind.</p>
<p>Django includes many <a class="reference internal" href="../../topics/security.html"><em>security features</em></a>. Some are
built-in and always enabled. Others are optional because they aren’t always
appropriate, or because they’re inconvenient for development. For example,
forcing HTTPS may not be suitable for all websites, and it’s impractical for
local development.</p>
<p>Performance optimizations are another category of trade-offs with convenience.
For instance, caching is useful in production, less so for local development.
Error reporting needs are also widely different.</p>
<p>The following checklist includes settings that:</p>
<ul class="simple">
<li>must be set properly for Django to provide the expected level of security;</li>
<li>are expected to be different in each environment;</li>
<li>enable optional security features;</li>
<li>enable performance optimizations;</li>
<li>provide error reporting.</li>
</ul>
<p>Many of these settings are sensitive and should be treated as confidential. If
you’re releasing the source code for your project, a common practice is to
publish suitable settings for development, and to use a private settings
module for production.</p>
<div class="section" id="s-critical-settings">
<span id="critical-settings"></span><h2>Critical settings<a class="headerlink" href="#critical-settings" title="Permalink to this headline">¶</a></h2>
<div class="section" id="s-secret-key">
<span id="secret-key"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-SECRET_KEY"><tt class="xref std std-setting docutils literal"><span class="pre">SECRET_KEY</span></tt></a><a class="headerlink" href="#secret-key" title="Permalink to this headline">¶</a></h3>
<p><strong>The secret key must be a large random value and it must be kept secret.</strong></p>
<p>Make sure that the key used in production isn’t used anywhere else and avoid
committing it to source control. This reduces the number of vectors from which
an attacker may acquire the key.</p>
<p>Instead of hardcoding the secret key in your settings module, consider loading
it from an environment variable:</p>
<div class="highlight-python"><div class="highlight"><pre><span class="kn">import</span> <span class="nn">os</span>
<span class="n">SECRET_KEY</span> <span class="o">=</span> <span class="n">os</span><span class="o">.</span><span class="n">environ</span><span class="p">[</span><span class="s">'SECRET_KEY'</span><span class="p">]</span>
</pre></div>
</div>
<p>or from a file:</p>
<div class="highlight-python"><div class="highlight"><pre><span class="k">with</span> <span class="nb">open</span><span class="p">(</span><span class="s">'/etc/secret_key.txt'</span><span class="p">)</span> <span class="k">as</span> <span class="n">f</span><span class="p">:</span>
<span class="n">SECRET_KEY</span> <span class="o">=</span> <span class="n">f</span><span class="o">.</span><span class="n">read</span><span class="p">()</span><span class="o">.</span><span class="n">strip</span><span class="p">()</span>
</pre></div>
</div>
</div>
<div class="section" id="s-debug">
<span id="debug"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-DEBUG"><tt class="xref std std-setting docutils literal"><span class="pre">DEBUG</span></tt></a><a class="headerlink" href="#debug" title="Permalink to this headline">¶</a></h3>
<p><strong>You must never enable debug in production.</strong></p>
<p>You’re certainly developing your project with <a class="reference internal" href="../../ref/settings.html#std:setting-DEBUG"><tt class="xref std std-setting docutils literal"><span class="pre">DEBUG</span> <span class="pre">=</span> <span class="pre">True</span></tt></a>,
since this enables handy features like full tracebacks in your browser.</p>
<p>For a production environment, though, this is a really bad idea, because it
leaks lots of information about your project: excerpts of your source code,
local variables, settings, libraries used, etc.</p>
</div>
</div>
<div class="section" id="s-environment-specific-settings">
<span id="environment-specific-settings"></span><h2>Environment-specific settings<a class="headerlink" href="#environment-specific-settings" title="Permalink to this headline">¶</a></h2>
<div class="section" id="s-allowed-hosts">
<span id="allowed-hosts"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-ALLOWED_HOSTS"><tt class="xref std std-setting docutils literal"><span class="pre">ALLOWED_HOSTS</span></tt></a><a class="headerlink" href="#allowed-hosts" title="Permalink to this headline">¶</a></h3>
<p>When <a class="reference internal" href="../../ref/settings.html#std:setting-DEBUG"><tt class="xref std std-setting docutils literal"><span class="pre">DEBUG</span> <span class="pre">=</span> <span class="pre">False</span></tt></a>, Django doesn’t work at all without a
suitable value for <a class="reference internal" href="../../ref/settings.html#std:setting-ALLOWED_HOSTS"><tt class="xref std std-setting docutils literal"><span class="pre">ALLOWED_HOSTS</span></tt></a>.</p>
<p>This setting is required to protect your site against some CSRF attacks. If
you use a wildcard, you must perform your own validation of the <tt class="docutils literal"><span class="pre">Host</span></tt> HTTP
header, or otherwise ensure that you aren’t vulnerable to this category of
attacks.</p>
</div>
<div class="section" id="s-caches">
<span id="caches"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-CACHES"><tt class="xref std std-setting docutils literal"><span class="pre">CACHES</span></tt></a><a class="headerlink" href="#caches" title="Permalink to this headline">¶</a></h3>
<p>If you’re using a cache, connection parameters may be different in development
and in production.</p>
<p>Cache servers often have weak authentication. Make sure they only accept
connections from your application servers.</p>
<p>If you’re using Memcached, consider using <a class="reference internal" href="../../topics/http/sessions.html#cached-sessions-backend"><em>cached sessions</em></a> to improve performance.</p>
</div>
<div class="section" id="s-databases">
<span id="databases"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-DATABASES"><tt class="xref std std-setting docutils literal"><span class="pre">DATABASES</span></tt></a><a class="headerlink" href="#databases" title="Permalink to this headline">¶</a></h3>
<p>Database connection parameters are probably different in development and in
production.</p>
<p>Database passwords are very sensitive. You should protect them exactly like
<a class="reference internal" href="../../ref/settings.html#std:setting-SECRET_KEY"><tt class="xref std std-setting docutils literal"><span class="pre">SECRET_KEY</span></tt></a>.</p>
<p>For maximum security, make sure database servers only accept connections from
your application servers.</p>
<p>If you haven’t set up backups for your database, do it right now!</p>
</div>
<div class="section" id="s-email-backend-and-related-settings">
<span id="email-backend-and-related-settings"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-EMAIL_BACKEND"><tt class="xref std std-setting docutils literal"><span class="pre">EMAIL_BACKEND</span></tt></a> and related settings<a class="headerlink" href="#email-backend-and-related-settings" title="Permalink to this headline">¶</a></h3>
<p>If your site sends emails, these values need to be set correctly.</p>
</div>
<div class="section" id="s-static-root-and-static-url">
<span id="static-root-and-static-url"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-STATIC_ROOT"><tt class="xref std std-setting docutils literal"><span class="pre">STATIC_ROOT</span></tt></a> and <a class="reference internal" href="../../ref/settings.html#std:setting-STATIC_URL"><tt class="xref std std-setting docutils literal"><span class="pre">STATIC_URL</span></tt></a><a class="headerlink" href="#static-root-and-static-url" title="Permalink to this headline">¶</a></h3>
<p>Static files are automatically served by the development server. In
production, you must define a <a class="reference internal" href="../../ref/settings.html#std:setting-STATIC_ROOT"><tt class="xref std std-setting docutils literal"><span class="pre">STATIC_ROOT</span></tt></a> directory where
<a class="reference internal" href="../../ref/contrib/staticfiles.html#django-admin-collectstatic"><tt class="xref std std-djadmin docutils literal"><span class="pre">collectstatic</span></tt></a> will copy them.</p>
<p>See <a class="reference internal" href="../static-files/index.html"><em>Managing static files (CSS, images)</em></a> for more information.</p>
</div>
<div class="section" id="s-media-root-and-media-url">
<span id="media-root-and-media-url"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-MEDIA_ROOT"><tt class="xref std std-setting docutils literal"><span class="pre">MEDIA_ROOT</span></tt></a> and <a class="reference internal" href="../../ref/settings.html#std:setting-MEDIA_URL"><tt class="xref std std-setting docutils literal"><span class="pre">MEDIA_URL</span></tt></a><a class="headerlink" href="#media-root-and-media-url" title="Permalink to this headline">¶</a></h3>
<p>Media files are uploaded by your users. They’re untrusted! Make sure your web
server never attempt to interpret them. For instance, if a user uploads a
<tt class="docutils literal"><span class="pre">.php</span></tt> file , the web server shouldn’t execute it.</p>
<p>Now is a good time to check your backup strategy for these files.</p>
</div>
</div>
<div class="section" id="s-https">
<span id="https"></span><h2>HTTPS<a class="headerlink" href="#https" title="Permalink to this headline">¶</a></h2>
<p>Any website which allows users to log in should enforce site-wide HTTPS to
avoid transmitting access tokens in clear. In Django, access tokens include
the login/password, the session cookie, and password reset tokens. (You can’t
do much to protect password reset tokens if you’re sending them by email.)</p>
<p>Protecting sensitive areas such as the user account or the admin isn’t
sufficient, because the same session cookie is used for HTTP and HTTPS. Your
web server must redirect all HTTP traffic to HTTPS, and only transmit HTTPS
requests to Django.</p>
<p>Once you’ve set up HTTPS, enable the following settings.</p>
<div class="section" id="s-csrf-cookie-secure">
<span id="csrf-cookie-secure"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-CSRF_COOKIE_SECURE"><tt class="xref std std-setting docutils literal"><span class="pre">CSRF_COOKIE_SECURE</span></tt></a><a class="headerlink" href="#csrf-cookie-secure" title="Permalink to this headline">¶</a></h3>
<p>Set this to <tt class="docutils literal"><span class="pre">True</span></tt> to avoid transmitting the CSRF cookie over HTTP
accidentally.</p>
</div>
<div class="section" id="s-session-cookie-secure">
<span id="session-cookie-secure"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-SESSION_COOKIE_SECURE"><tt class="xref std std-setting docutils literal"><span class="pre">SESSION_COOKIE_SECURE</span></tt></a><a class="headerlink" href="#session-cookie-secure" title="Permalink to this headline">¶</a></h3>
<p>Set this to <tt class="docutils literal"><span class="pre">True</span></tt> to avoid transmitting the session cookie over HTTP
accidentally.</p>
</div>
</div>
<div class="section" id="s-performance-optimizations">
<span id="performance-optimizations"></span><h2>Performance optimizations<a class="headerlink" href="#performance-optimizations" title="Permalink to this headline">¶</a></h2>
<p>Setting <a class="reference internal" href="../../ref/settings.html#std:setting-DEBUG"><tt class="xref std std-setting docutils literal"><span class="pre">DEBUG</span> <span class="pre">=</span> <span class="pre">False</span></tt></a> disables several features that are
only useful in development. In addition, you can tune the following settings.</p>
<div class="section" id="s-conn-max-age">
<span id="conn-max-age"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-CONN_MAX_AGE"><tt class="xref std std-setting docutils literal"><span class="pre">CONN_MAX_AGE</span></tt></a><a class="headerlink" href="#conn-max-age" title="Permalink to this headline">¶</a></h3>
<p>Enabling <a class="reference internal" href="../../ref/databases.html#persistent-database-connections"><em>persistent database connections</em></a> can result in a nice speed-up when
connecting to the database accounts for a significant part of the request
processing time.</p>
<p>This helps a lot on virtualized hosts with limited network performance.</p>
</div>
<div class="section" id="s-template-loaders">
<span id="template-loaders"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-TEMPLATE_LOADERS"><tt class="xref std std-setting docutils literal"><span class="pre">TEMPLATE_LOADERS</span></tt></a><a class="headerlink" href="#template-loaders" title="Permalink to this headline">¶</a></h3>
<p>Enabling the cached template loader often improves performance drastically, as
it avoids compiling each template every time it needs to be rendered. See the
<a class="reference internal" href="../../ref/templates/api.html#template-loaders"><em>template loaders docs</em></a> for more information.</p>
</div>
</div>
<div class="section" id="s-error-reporting">
<span id="error-reporting"></span><h2>Error reporting<a class="headerlink" href="#error-reporting" title="Permalink to this headline">¶</a></h2>
<p>By the time you push your code to production, it’s hopefully robust, but you
can’t rule out unexpected errors. Thankfully, Django can capture errors and
notify you accordingly.</p>
<div class="section" id="s-logging">
<span id="logging"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-LOGGING"><tt class="xref std std-setting docutils literal"><span class="pre">LOGGING</span></tt></a><a class="headerlink" href="#logging" title="Permalink to this headline">¶</a></h3>
<p>Review your logging configuration before putting your website in production,
and check that it works as expected as soon as you have received some traffic.</p>
<p>See <a class="reference internal" href="../../topics/logging.html"><em>Logging</em></a> for details on logging.</p>
</div>
<div class="section" id="s-admins-and-managers">
<span id="admins-and-managers"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-ADMINS"><tt class="xref std std-setting docutils literal"><span class="pre">ADMINS</span></tt></a> and <a class="reference internal" href="../../ref/settings.html#std:setting-MANAGERS"><tt class="xref std std-setting docutils literal"><span class="pre">MANAGERS</span></tt></a><a class="headerlink" href="#admins-and-managers" title="Permalink to this headline">¶</a></h3>
<p><a class="reference internal" href="../../ref/settings.html#std:setting-ADMINS"><tt class="xref std std-setting docutils literal"><span class="pre">ADMINS</span></tt></a> will be notified of 500 errors by email.</p>
<p><a class="reference internal" href="../../ref/settings.html#std:setting-MANAGERS"><tt class="xref std std-setting docutils literal"><span class="pre">MANAGERS</span></tt></a> will be notified of 404 errors.
<a class="reference internal" href="../../ref/settings.html#std:setting-IGNORABLE_404_URLS"><tt class="xref std std-setting docutils literal"><span class="pre">IGNORABLE_404_URLS</span></tt></a> can help filter out spurious reports.</p>
<p>See <a class="reference internal" href="../error-reporting.html"><em>Error reporting</em></a> for details on error reporting by email.</p>
</div>
<div class="section" id="s-customize-the-default-error-views">
<span id="customize-the-default-error-views"></span><h3>Customize the default error views<a class="headerlink" href="#customize-the-default-error-views" title="Permalink to this headline">¶</a></h3>
<p>Django includes default views and templates for several HTTP error codes. You
may want to override the default templates by creating the following templates
in your root template directory: <tt class="docutils literal"><span class="pre">404.html</span></tt>, <tt class="docutils literal"><span class="pre">500.html</span></tt>, <tt class="docutils literal"><span class="pre">403.html</span></tt>, and
<tt class="docutils literal"><span class="pre">400.html</span></tt>. The default views should suffice for 99% of Web applications, but
if you desire to customize them, see these instructions which also contain
details about the default templates:</p>
<ul class="simple">
<li><a class="reference internal" href="../../topics/http/views.html#http-not-found-view"><em>The 404 (page not found) view</em></a></li>
<li><a class="reference internal" href="../../topics/http/views.html#http-internal-server-error-view"><em>The 500 (server error) view</em></a></li>
<li><a class="reference internal" href="../../topics/http/views.html#http-forbidden-view"><em>The 403 (HTTP Forbidden) view</em></a></li>
<li><a class="reference internal" href="../../topics/http/views.html#http-bad-request-view"><em>The 400 (bad request) view</em></a></li>
</ul>
</div>
</div>
<div class="section" id="s-miscellaneous">
<span id="miscellaneous"></span><h2>Miscellaneous<a class="headerlink" href="#miscellaneous" title="Permalink to this headline">¶</a></h2>
<div class="section" id="s-allowed-include-roots">
<span id="allowed-include-roots"></span><h3><a class="reference internal" href="../../ref/settings.html#std:setting-ALLOWED_INCLUDE_ROOTS"><tt class="xref std std-setting docutils literal"><span class="pre">ALLOWED_INCLUDE_ROOTS</span></tt></a><a class="headerlink" href="#allowed-include-roots" title="Permalink to this headline">¶</a></h3>
<p>This setting is required if you’re using the <a class="reference internal" href="../../ref/templates/builtins.html#std:templatetag-ssi"><tt class="xref std std-ttag docutils literal"><span class="pre">ssi</span></tt></a> template tag.</p>
</div>
</div>
<div class="section" id="s-python-options">
<span id="python-options"></span><h2>Python Options<a class="headerlink" href="#python-options" title="Permalink to this headline">¶</a></h2>
<p>If you’re using Python 2.6.8+, it’s strongly recommended that you invoke the
Python process running your Django application using the <a class="reference external" href="http://docs.python.org/2.7/using/cmdline.html#cmdoption-R">-R</a> option or with
the <span class="target" id="index-0"></span><tt class="xref std std-envvar docutils literal"><span class="pre">PYTHONHASHSEED</span></tt> environment variable set to <tt class="docutils literal"><span class="pre">random</span></tt>.</p>
<p>These options help protect your site from denial-of-service (DoS)
attacks triggered by carefully crafted inputs. Such an attack can
drastically increase CPU usage by causing worst-case performance when
creating <tt class="docutils literal"><span class="pre">dict</span></tt> instances. See <a class="reference external" href="http://www.ocert.org/advisories/ocert-2011-003.html">oCERT advisory #2011-003</a> for more information.</p>
</div>
</div>
</div>
</div>
</div>
<div class="yui-b" id="sidebar">
<div class="sphinxsidebar">
<div class="sphinxsidebarwrapper">
<h3><a href="../../contents.html">Table Of Contents</a></h3>
<ul>
<li><a class="reference internal" href="#">Deployment checklist</a><ul>
<li><a class="reference internal" href="#critical-settings">Critical settings</a><ul>
<li><a class="reference internal" href="#secret-key"><tt class="docutils literal"><span class="pre">SECRET_KEY</span></tt></a></li>
<li><a class="reference internal" href="#debug"><tt class="docutils literal"><span class="pre">DEBUG</span></tt></a></li>
</ul>
</li>
<li><a class="reference internal" href="#environment-specific-settings">Environment-specific settings</a><ul>
<li><a class="reference internal" href="#allowed-hosts"><tt class="docutils literal"><span class="pre">ALLOWED_HOSTS</span></tt></a></li>
<li><a class="reference internal" href="#caches"><tt class="docutils literal"><span class="pre">CACHES</span></tt></a></li>
<li><a class="reference internal" href="#databases"><tt class="docutils literal"><span class="pre">DATABASES</span></tt></a></li>
<li><a class="reference internal" href="#email-backend-and-related-settings"><tt class="docutils literal"><span class="pre">EMAIL_BACKEND</span></tt> and related settings</a></li>
<li><a class="reference internal" href="#static-root-and-static-url"><tt class="docutils literal"><span class="pre">STATIC_ROOT</span></tt> and <tt class="docutils literal"><span class="pre">STATIC_URL</span></tt></a></li>
<li><a class="reference internal" href="#media-root-and-media-url"><tt class="docutils literal"><span class="pre">MEDIA_ROOT</span></tt> and <tt class="docutils literal"><span class="pre">MEDIA_URL</span></tt></a></li>
</ul>
</li>
<li><a class="reference internal" href="#https">HTTPS</a><ul>
<li><a class="reference internal" href="#csrf-cookie-secure"><tt class="docutils literal"><span class="pre">CSRF_COOKIE_SECURE</span></tt></a></li>
<li><a class="reference internal" href="#session-cookie-secure"><tt class="docutils literal"><span class="pre">SESSION_COOKIE_SECURE</span></tt></a></li>
</ul>
</li>
<li><a class="reference internal" href="#performance-optimizations">Performance optimizations</a><ul>
<li><a class="reference internal" href="#conn-max-age"><tt class="docutils literal"><span class="pre">CONN_MAX_AGE</span></tt></a></li>
<li><a class="reference internal" href="#template-loaders"><tt class="docutils literal"><span class="pre">TEMPLATE_LOADERS</span></tt></a></li>
</ul>
</li>
<li><a class="reference internal" href="#error-reporting">Error reporting</a><ul>
<li><a class="reference internal" href="#logging"><tt class="docutils literal"><span class="pre">LOGGING</span></tt></a></li>
<li><a class="reference internal" href="#admins-and-managers"><tt class="docutils literal"><span class="pre">ADMINS</span></tt> and <tt class="docutils literal"><span class="pre">MANAGERS</span></tt></a></li>
<li><a class="reference internal" href="#customize-the-default-error-views">Customize the default error views</a></li>
</ul>
</li>
<li><a class="reference internal" href="#miscellaneous">Miscellaneous</a><ul>
<li><a class="reference internal" href="#allowed-include-roots"><tt class="docutils literal"><span class="pre">ALLOWED_INCLUDE_ROOTS</span></tt></a></li>
</ul>
</li>
<li><a class="reference internal" href="#python-options">Python Options</a></li>
</ul>
</li>
</ul>
<h3>Browse</h3>
<ul>
<li>Prev: <a href="fastcgi.html">How to use Django with FastCGI, SCGI, or AJP</a></li>
<li>Next: <a href="../upgrade-version.html">Upgrading Django to a newer version</a></li>
</ul>
<h3>You are here:</h3>
<ul>
<li>
<a href="../../index.html">Django 1.6.7 documentation</a>
<ul><li><a href="../index.html">“How-to” guides</a>
<ul><li><a href="index.html">Deploying Django</a>
<ul><li>Deployment checklist</li></ul>
</li></ul></li></ul>
</li>
</ul>
<h3>This Page</h3>
<ul class="this-page-menu">
<li><a href="../../_sources/howto/deployment/checklist.txt"
rel="nofollow">Show Source</a></li>
</ul>
<div id="searchbox" style="display: none">
<h3>Quick search</h3>
<form class="search" action="../../search.html" method="get">
<input type="text" name="q" />
<input type="submit" value="Go" />
<input type="hidden" name="check_keywords" value="yes" />
<input type="hidden" name="area" value="default" />
</form>
<p class="searchtip" style="font-size: 90%">
Enter search terms or a module, class or function name.
</p>
</div>
<script type="text/javascript">$('#searchbox').show(0);</script>
</div>
</div>
<h3>Last update:</h3>
<p class="topless">Sep 26, 2014</p>
</div>
</div>
<div id="ft">
<div class="nav">
« <a href="fastcgi.html" title="How to use Django with FastCGI, SCGI, or AJP">previous</a>
|
<a href="../index.html" title="&#8220;How-to&#8221; guides" accesskey="U">up</a>
|
<a href="../upgrade-version.html" title="Upgrading Django to a newer version">next</a> »</div>
</div>
</div>
<div class="clearer"></div>
</div>
</body>
</html>
