0

I have a small Flask app that I managed to get running using apache2 and mod-wsgi. I set it up to run on a subdomain like test.example.com The app is in /var/www/flasktest .

Now if I go to example.com/flasktest/test.wsgi it returns the contents of the file - the same happens with .py files. If I go to test.example.com the website works.

How do I prevent py, wsgi ..etc files from being up for download. I would love to only allow *.css, *.js, ..etc

Thanks.

sirrocco
  • 117
  • 5

1 Answers1

1

You should NOT put your code under DocumentRoot. You need a WSGIScriptAlias in that VirtualHost to map the URL you want it to appear as to the WSGI script file where you put it. You need to use the URL given as first argument to WSGIScriptAlias to access it.

Graham Dumpleton
  • 6,090
  • 2
  • 21
  • 19
  • So I created a www-scripts folder next to www and I moved the website in that folder. Is that what you meant ?( can't access the .py files so I'm thinking that's it) – sirrocco Apr 10 '13 at 17:45