1: Introduction to deploying a website


We have reached the deployment phase for our web app. Read through the topics below before we make the final changes to secure our project for deployment.

 

What is web app deployment?

Web app deployment is the process of configuring and uploading a project for live internet traffic. Although it may seem daunting, deploying a website has become easier thanks to web hosting tools and interfaces.

 

How do you deploy a web app?

Deploying a web app requires a web hosting server dedicated to serving your web app content to online users. Hosting companies include Linode, Heroku, and Amazon Web Services. Server costs can vary between hosting services, so we will use Amazon Web Services (AWS) since it offers a free tier and pay-as-you-go pricing.

 

What happens after you deploy?

After deploying, there are other important steps needed to secure your web app. Purchasing a domain name and an SSL (Secure Sockets Layer) certificate are both optional steps that help your website run securely.








2: Securing sensitive data


In our settings.py file, we have a secret key responsible for creating the digital signatures needed for authentication, among other security-related tasks. To reduce the likelihood of exposing our secret key to an attacker, let's move it out of settings.py and into an environment variable. We will use another Python package to handle this functionality.

 

Install python-decouple

macOS Terminal

(Ctrl + C)

(env)User-Macbook:mysite user$ pip install python-decouple

Windows Command Prompt

(Ctrl + C)

(env) C:\Users\Owner\desktop\code\env\mysite> pip install python-decouple

Go back to the CLI, quit the server, and install python-decouple.

 

Create .env file

env > mysite > (New File) .env


Create a new file called .env in the first mysite folder. It will list the values we need to secure.

 

Secure configuration settings for website security

env > mysite > .env

# your specific Django secret key (keep comments on their own line)
SECRET_KEY=YOUR-SECRET-KEY-HERE
DEBUG=True

First, copy the secret key from settings.py and paste it into .env. While not as important, we will also add the debug variable from settings.py. Save the file.

 

Update the settings.py file

env > mysite > mysite > settings.py

import os
from django.contrib.messages import constants as messages
from decouple import config #new code

...

SECRET_KEY = config('SECRET_KEY')

# SECURITY WARNING: don't run with debug turned on in production!
DEBUG = config('DEBUG', cast=bool)
...
...
...

Go to settings.py and import config from decouple at the top of the settings file. Replace each value now listed in the .env file with a config() call that reads the matching .env variable. Make sure both files are saved and then run the server again. Nothing will have changed in the browser, but the secret key and configuration settings are now secured and no longer listed directly in the settings.py file.
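A check you can run over the .env file before deploying, added here as an example (it is not part of the original lesson or of python-decouple). It assumes, as python-decouple's .env reader does, that everything after the first = is the value. The function names, the sample input and the .gitignore check are assumptions of this example.

```python
PLACEHOLDER = "YOUR-SECRET-KEY-HERE"

def parse_env(text):
    """Simplified KEY=VALUE parser: skips blank lines and lines starting with '#'."""
    values = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = line.split("=", 1)  # secret keys may themselves contain '='
        values[key.strip()] = value.strip()
    return values

def audit_env(env_text, gitignore_text=""):
    """Return a list of findings for a .env file and the project's .gitignore."""
    findings = []
    env = parse_env(env_text)
    secret = env.get("SECRET_KEY", "")
    # A trailing " # comment" is not stripped by this parser, so it would be
    # treated as part of the secret; comments belong on their own line.
    if " #" in secret:
        findings.append("inline comment inside SECRET_KEY value")
        secret = secret.split(" #", 1)[0].strip()
    # The 50-character minimum and the 'django-insecure-' prefix follow
    # Django's own deployment check for SECRET_KEY.
    if not secret or secret == PLACEHOLDER:
        findings.append("SECRET_KEY is empty or a placeholder")
    elif len(secret) < 50 or secret.startswith("django-insecure-"):
        findings.append("SECRET_KEY is short or the startproject default")
    if env.get("DEBUG", "").lower() in ("true", "1", "yes", "on"):
        findings.append("DEBUG is enabled")
    # A .env file that Git does not ignore gets committed with the code.
    ignored = {line.strip() for line in gitignore_text.splitlines()}
    if not ignored & {".env", "/.env", "*.env"}:
        findings.append(".env is not listed in .gitignore")
    return findings

# Constructed sample input, not taken from a real project.
SAMPLE_ENV = "SECRET_KEY =YOUR-SECRET-KEY-HERE #django secret key\nDEBUG =True\n"
SAMPLE_GITIGNORE = "__pycache__/\ndb.sqlite3\n"

if __name__ == "__main__":
    for finding in audit_env(SAMPLE_ENV, SAMPLE_GITIGNORE):
        print("FINDING:", finding)
```

To audit your own project, pass in the contents of your .env and .gitignore files. An empty list means none of these four problems was found.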








3: Creating an AWS account


Create an AWS account


First, create an AWS free account at https://aws.amazon.com/free/. AWS offers a 12-month free tier for all of the tools you'll need to deploy your web app. You may need to enter your billing and credit card information to create an account, but you will not be charged unless you go over the free tier threshold.

If you already have an AWS account, log in.

 

Go to the AWS Management Console 


Once logged in, you will be brought to the AWS Management Console.

 

Create a set of access keys


To connect your project to AWS, we need to create a set of AWS keys. Like a username and password, access keys come with an access key ID and a secret access key that only you should know. AWS gives you only one opportunity to view and save the access keys together to maintain security. If you lose the secret access key, create a new key pair and delete the old one.

Click on your username at the top right side of the page. In the dropdown menu, select "My Security Credentials". Find the section that says "Access keys for CLI, SDK, & API access". Click the button "Create access key". You will be brought to a "Create access key" menu that states "Your new access key is now available". Two keys are listed below. The first is the Access key ID and the second is the Secret access key. Click the button "Download .csv file" and save the access keys in a safe location on your computer. You can only view the secret key once on the AWS menu so make sure you download the .csv before closing the menu.






Quiz Questions


1. What is the purpose of AWS access keys?


2. What is the purpose of the .env file?

