Django setup

Deploy https://

Allow file uploads

sudo groupadd varwwwusers
sudo adduser www-data varwwwusers
sudo chgrp -R varwwwusers /var/www/
sudo chmod -R 760 /var/www/

This adds www-data to the varwwwusers group, which is then set as the group for /var/www/ and all of its subfolders. chmod will give read, write, execute permissions to the owner but the group will not be able to execute any script potentially uploaded in there if for example the webserver got hacked.

You could set it to 740 to make it more secure but then you won’t be able to use Django's collectstatic functionality so stick to 760 unless you’re very confident about what you’re doing.