By DrSpaceman
I recently deployed a new blog site (first live site for me) and I am having issues with displaying images that I’ve uploaded via summernote/admin panel.
My regular images load fine as they come from the static folder.
Whenever I create a post, everything goes fine, but if I go to look at any images I’ve uploaded they don’t show up.
After loading the page while inspecting the site, I can see 403 errors for every image. The file path is correct and I can see them in my spaces.
I tried changing the permissions on my server to www-data www-data but that didn’t help. I figured it wouldn’t since these files are strictly on spaces and not my server.
I had this same issue with some of the icons and css files in my admin page - which I fixed by marking public. However that option isn’t possible with the images as I’d have to go in after every post and mark them public. Plus I don’t think that’s the best idea anyway.
With the icons I did have some COR failures to which I just added my top level domain and it cleared those. But again no direct affect with my images.
So the problem seems to be with the images on spaces. No idea why they are returning the 403 error though.
This textbox defaults to using Markdown to format your answer.
You can type !ref in this text area to quickly search our full set of tutorials, documentation & marketplace offerings and insert the link!
Hi there,
The issue you’re experiencing with 403 errors on images uploaded via Summernote in a Django application and stored in DigitalOcean Spaces seems to be related to access permissions and potentially CORS settings.
What I could suggest is following this tutorial here:
https://www.digitalocean.com/community/tutorials/how-to-set-up-object-storage-with-django
If this still does not work, here are some general steps to troubleshoot and resolve this problem:
1. Check Access Permissions in DigitalOcean Spaces
-
Public Access: By default, files uploaded to DigitalOcean Spaces are private. You need to set the uploaded images to be publicly accessible. You can set the default file permission to public for the Space where the images are stored.
-
Spaces Access Keys: If you don’t want your images to be public, another approach is to use DigitalOcean Spaces Access Keys. These keys allow your application to authenticate and access the private files programmatically.
2. Verify CORS Settings
-
Configure CORS: If your Django application is hosted on a different domain than your DigitalOcean Space, you may face CORS (Cross-Origin Resource Sharing) issues. Make sure the CORS settings for your Space are configured to allow requests from your application’s domain.
-
Check Headers: Ensure that the appropriate CORS headers are present in the responses for your image requests.
3. Django Settings
-
STATIC and MEDIA Settings: Ensure that your
STATIC_URLandMEDIA_URLin your Django settings are correctly configured to serve files from DigitalOcean Spaces. -
django-storages: If you’re using
django-storagesto integrate with DigitalOcean Spaces, make sure it’s properly configured. Check the settings related to the backend storage class and authentication credentials.
4. Debugging
-
Access Images Directly: Try accessing the images directly via their URLs in the browser to see if they are accessible.
-
Log Files: Check your server logs for any additional information about the 403 errors.
-
Browser Console: Use the browser’s developer tools to inspect the network requests and responses for the images. Look for any clues in the response headers or request URLs.
Best,
Bobby
The 403 Forbidden error indicates a permission or access issue with the images stored in your DigitalOcean Spaces. Here’s how to troubleshoot and resolve the problem:
1. Understand the Root Cause
DigitalOcean Spaces is an S3-compatible object storage service. By default, objects in Spaces are private, meaning they are not accessible unless permissions are explicitly set or an authenticated request is made. When using Summernote to upload images, the uploaded images may inherit these default private settings.
2. Solutions to Resolve the 403 Errors
Option 1: Configure Correct Permissions for Uploaded Files
Ensure that the uploaded files to Spaces are publicly accessible. You can achieve this by setting the ACL (Access Control List) to public-read during upload.
- If you’re using
django-storagesfor DigitalOcean Spaces, add the following to yoursettings.py:
AWS_DEFAULT_ACL = 'public-read'
- This ensures that all uploaded files are automatically accessible without manual intervention.
Option 2: Configure Media Storage for Summernote
When using Django Summernote to upload images, ensure the DEFAULT_FILE_STORAGE is correctly configured to use your DigitalOcean Spaces:
- Add this to your
settings.py:
from storages.backends.s3boto3 import S3Boto3Storage
class MediaStorage(S3Boto3Storage):
location = 'media' # Replace with your media directory name
file_overwrite = False
DEFAULT_FILE_STORAGE = 'your_project.settings.MediaStorage'
AWS_DEFAULT_ACL = 'public-read'
- Ensure
MEDIA_URLis properly configured:
MEDIA_URL = f'{AWS_S3_ENDPOINT_URL}/media/'
- Verify the upload path for Summernote:
- Add this to your
settings.py
SUMMERNOTE_CONFIG = {
'attachment_storage_class': 'your_project.settings.MediaStorage',
}
Option 3: Fix CORS Errors
You mentioned previously experiencing CORS (Cross-Origin Resource Sharing) issues. Ensure your DigitalOcean Spaces bucket allows requests from your domain:
- Go to the DigitalOcean Spaces dashboard.
- Open your Space settings.
- Add a CORS configuration like this:
[
{
"AllowedHeaders": ["*"],
"AllowedMethods": ["GET", "HEAD"],
"AllowedOrigins": ["https://yourdomain.com"],
"ExposeHeaders": [],
"MaxAgeSeconds": 3000
}
]
Option 4: Verify Permissions in DigitalOcean Spaces
Ensure the files in your Space have public permissions set. You can automate this for all future uploads using the public-read ACL in django-storages. However, for existing files:
- Use the
s3cmdtool to make existing files public:
s3cmd setacl s3://your-space-name/media/ --acl-public --recursive
- If using the DigitalOcean Spaces UI:
- Navigate to your Space.
- Select the files (or folder).
- Set their permissions to Public.
Option 5: Debugging Steps
If the problem persists:
-
Inspect the URL of the failing images:
- Confirm the URL matches the expected path, e.g.,
https://your-space-name.nyc3.digitaloceanspaces.com/media/your-image.jpg.
- Confirm the URL matches the expected path, e.g.,
-
Check Logs for Errors:
- Inspect your Django logs for errors related to file uploads or permissions.
- Check the browser console for additional details about the 403 errors.
-
Test Access to Files:
- Try accessing one of the failing image URLs directly in your browser to confirm if the issue is with the file permissions.
3. Best Practices for Static and Media Files
- Use
STATICFILES_STORAGEandDEFAULT_FILE_STORAGEsettings to manage static and media files in DigitalOcean Spaces automatically. - Ensure files are uploaded with the correct permissions (
public-read) to avoid manual intervention. - Use a CORS configuration to allow access from your domain.
Become a contributor for community
Get paid to write technical tutorials and select a tech-focused charity to receive a matching donation.
DigitalOcean Documentation
Full documentation for every DigitalOcean product.
Resources for startups and AI-native businesses
The Wave has everything you need to know about building a business, from raising funding to marketing your product.
The developer cloud
Scale up as you grow — whether you're running one virtual machine or ten thousand.
Get started for free
Sign up and get $200 in credit for your first 60 days with DigitalOcean.*
*This promotional offer applies to new accounts only.