0

I followed this guide to setup my Django application to work with my nginx webserver. However upon testing I discovered that www data group did not have access to my applications static files and returned a 403 error. The solution to this in the comments is to run sudo usermod -a -G your-user www-data. However is this a security risk as we are blanket defeating the entire purpose of the www-data group?

1 Answer 1

0

By adding the www-data user to your personal user group, you're giving it access to any files and directories that your personal user group has access to, which could potentially be exploited if your web server was compromised.

So, please, execute

sudo chown -R www-data:www-data /path/to/static/files

and then restarting Nginx and Gunicorn.

0

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .