Serving image uploads with apache and python django

I am programming a ticket system, where users can upload their favorite thing: screenshots with red circles! Each ticket gets an ID and has an upload field. I use one django project with one app that uses this upload function.

What I’ve done

Where I am stuck

Code to be added to

import os

os.environ["DJANGO_SETTINGS_MODULE"] = "mysite.settings"

from django.contrib.auth.handlers.modwsgi import check_password

from django.core.handlers.wsgi import WSGIHandler

application = WSGIHandler()

I didn’t touch nor change the code. I replaced it with the code above from the documentation. And then the 500 Error shows up.

Previous code, that I didn’t change in that works:

import os

from django.core.wsgi import get_wsgi_application

os.environ.setdefault('DJANGO_SETTINGS_MODULE', 'mysite.settings')

application = get_wsgi_application()

Below is my project.conf file

<VirtualHost *:80>
        ServerName localhost
        DocumentRoot /var/www/project/mysite
        ServerAdmin webmaster@localhost

        Alias /favicon.ico /var/www/project/mysite/static/tickets/img/ibe.ico
        Alias /media/ /var/www/mysite/media/
        Alias /static/ /var/www/mysite/static/

        <Directory /var/www/mysite/static/>
                Require all granted

        <Directory /var/www/mysite/tickets/media>
                Require all granted

        <Directory /var/www/project/mysite/mysite>
                Require all granted

        WSGIApplicationGroup %{GLOBAL}

        WSGIScriptAlias / /var/www/project/mysite/mysite/

        <Location /var/www/mysite/media>
                AuthType Basic
                AuthName "Top Secret"
                Require valid-user
                AuthBasicProvider wsgi
                WSGIAuthUserScript /var/www/project/mysite/mysite/

        ErrorLog ${APACHE_LOG_DIR}/error.log
        CustomLog ${APACHE_LOG_DIR}/access.log combined



  • I serve static files (CSS, JS) after I did python manage collectstatic and the website and the admin pages look nice and it works.
  • I can upload images and pdf files to a file location outside my django project and apache serves them, so that works, too. But with the url to the image, everybody can see it.
  • I use PAM authentication with django_pam and users, that I can register with the django admin tools
  • in the settings I switched to DEBUG = False
  • in I commented out the + static(settings.MEDIA_URL, document_root=settings.MEDIA_ROOT) so the serving is with apache I’d say

What I want
The tickets’ images / uploads should only be viewable by the author of the ticket.

What I’d expect after I followed the documentation
That the configured logic and the authentication workes with apache after I followed the steps in the documentation.

Help would be appreciated!