Django Production Settings (2) – Production Settings
There are several settings you need to update for the production environment. In this section, we'll explain the critical ones. As confidential data should not be directly written in the settings files, you should use the .env file, which will be explained in the next section.
Here is the list of the critical settings you want to change for the production environment.
DEBUG
Change to False.
With DEBUG = True, you can see full tracebacks in your browser when you encounter an error. Exposing the error log information for the production environment is risky as it leaks lots of information about your app: excerpts of your source code, local variables, settings, libraries used, etc.
ALLOWED_HOSTS
Add public IP address and domain for projection.
This setting limits user access to Django apps. User access will be blocked if the IP address or domain is not listed here.
DATABASES
Change to production database settings. (e.g., PostgreSQL)
Setting parameters differ by the database. As you need to add a password, etc., for the database, you should make sure that you save these settings in the .env file.
EMAIL_BACKEND and related settings
Change the email backend to an actual email. In the previous chapter, we explained how to change the email backend to an actual one, even for the development environment. Usually, we use a console for development and an actual email for production. As there is confidential data in email-related settings, you should make sure that you save these settings in the .env file for the production environment.
STATIC_ROOT
Add STATIC_ROOT to the address where a web server handles static files. We'll explain static file handling for production later in this chapter.
MEDIA_ROOT
Change to the address where a web server handles media files. As we haven't explained media files yet in this course, for now, you just need to remember that the media root directory should be adjusted for production.
These are only some basic settings. For a more comprehensive list, check the Django official documentation.
There are several settings you need to update for the production environment. In this section, we'll explain the critical ones. As confidential data should not be directly written in the settings files, you should use the .env file, which will be explained in the next section.
Here is the list of the critical settings you want to change for the production environment.
DEBUG
Change to False.
With DEBUG = True, you can see full tracebacks in your browser when you encounter an error. Exposing the error log information for the production environment is risky as it leaks lots of information about your app: excerpts of your source code, local variables, settings, libraries used, etc.
ALLOWED_HOSTS
Add public IP address and domain for projection.
This setting limits user access to Django apps. User access will be blocked if the IP address or domain is not listed here.
DATABASES
Change to production database settings. (e.g., PostgreSQL)
Setting parameters differ by the database. As you need to add a password, etc., for the database, you should make sure that you save these settings in the .env file.
EMAIL_BACKEND and related settings
Change the email backend to an actual email. In the previous chapter, we explained how to change the email backend to an actual one, even for the development environment. Usually, we use a console for development and an actual email for production. As there is confidential data in email-related settings, you should make sure that you save these settings in the .env file for the production environment.
STATIC_ROOT
Add STATIC_ROOT to the address where a web server handles static files. We'll explain static file handling for production later in this chapter.
MEDIA_ROOT
Change to the address where a web server handles media files. As we haven't explained media files yet in this course, for now, you just need to remember that the media root directory should be adjusted for production.
These are only some basic settings. For a more comprehensive list, check the Django official documentation.
