Using Django's built in web server in a production environment
Is it okay to use the builtin Django webserver for this
No.
Should I install Apache and mod_wsgi?
Yes.
If so, what are the reasons for this? Security perhaps?
Partly.
More importantly, the little toy Django server is single-threaded and any hangup in your code hangs the server. This means that when two users click almost at the same time, user one's query must go all the way through Django before user two's query can even starts.
And this will have to include the insanely slow download speed to the desktop.
Apache (like all the alternatives, lighttpd or nginx) is multi-threaded. The slowest part of the transaction is the download from Apache to the desktop. You don't want Python code (and Django) handling this in a single-threaded manner. Even for just a few users.
Also, you don't what Django serving static media (i.e., CSS and JS library files.)
A single slow spot in your application won't effect the overall system throughput if Apache and mod_wsgi are in place. One request 's output page can be slowly downloading to a PC desktop in parallel with another user's output.
DO NOT USE THIS (the builtin Django webserver) SERVER IN A PRODUCTION SETTING. It has not gone through security audits or performance tests.
http://docs.djangoproject.com/en/dev/ref/django-admin/#runserver-port-or-address-port
But you don't have use Apache if you don't want to. You could directly use Spawning, Gunicorn etc.
Cherokee is also easy to setup.
Use nginx + gunicorn.
Nginx: five lines of configuration. Gunicorn: two lines of configuration. That's easy and efficient. For better control you can spawn the gunicorn process using supervisord.
Both gunicorn and supervisord are available to install with pip, and nginx is available in almost any distribution in the default package pool.