#Testing a production deployment while not publicly visible

I've deployed my django app to a production server and wish to test it without it being visible to the public.

Firstly I enabled http basicauth on the web server, worked fine apart from my static files on cloudfront would get additional http basicauth requests and not load. I don't understand the mechanics of this so decided to try:

django-maintance-mode instead, works fine except I want to register on the site as a new user. The only way of doing this and not being already logged in as a superuser/staff is to assign my IP to settings var then another settings var to a function that checks the clients IP, fair enough, except calling ip-ware from settings as they show it has been broken for some time.

I'm out of ideas here? Any other methods for testing a hidden production site?

Testing a production deployment while not publicly visible

You could set up a VPN, and bind the server (gunicorn) only to the private IP address, or enable a firewall (ufw), and block all incoming connections except for the IP addresses you whitelist.

Thanks, ufw sounds like the simplest option?

Yup, definitely.

Think i'll give that a go then, 3rd time lucky!

Any idea why I was getting http basicauth requests for off server CDN requests? e.g. kj435jds.cloudfront.net

Hard to say without knowing your config... if CF is configured as a caching proxy and it does not have your static files stored locally, it needs to get them from your server, so it may be forwarding the auth requests it got from there...

But this is just a guess at this time.

yeah that was my best guess as well some sort of forwarding mechanism/browser security black magic going on

thanks for the help!