How to use django-sslify to force https on my Django+nginx+gunicorn web app, and rely on Cloudflare's new free SSL? -

-

INTRODUCTION

Now, and I will not be fooled to take advantage of it on my site, and To break everything in the process of trying a downright dickhead,

I can fix code apps, but when installing or configuring https / nginx / gunicorn / etc / idon'tknowtheterminology So, I know enough to follow the Googled instructions.

Question

I would like to use the DJGengo-SSLFiage to force https on my DNS web app.

known facts

  1. how can I do this
    1. How do I get balance without balancing my life? Can i do 1.7, is running on a digital osian server, which has reached a (free) cloud flare DNS. (Service?)
    2. Manually access my site to default in the headers.
    3. Manually switch to green lock and work with everyone, but it breaks all form submissions error "(403) CSRF verification failed. The request has been canceled."
    4. In my cloud-flares site settings, the domain is currently configured for "Flexible SSL".
    5. Django breaks everything with my current setup firmly, and is unable to return the browser response.
    6. Tells me that I should use the "full SSL" configuration setting when using django-sslify with cloud-flare SSL. / Li>
    7. Due to hesitation, where it has been mentioned that a $ 20 / mo Pro Cloudflare account is required to control SSL termination, I do not really want to screw it: /
    8. There was only 1 instance of "http" or "https" in my NGNX and Gnocornian configurations, especially in my NGN config:

    location / { Proxy_pass http://127.0.0.1:8001; ...}

    OK I think I have all

    In addition, my server is a Django Rest Framework API for a phonegap app Provides, should it be kept in mind? Let me know if I need to provide additional information and I'll be back to you. Thanks for taking a look at this! :)

CloudFlare allows you to enable specific, one of which is applicable to SSL (by) To do. Additionally, the good thing is to use addition django-sslify or django-secure

To establish SSL redirect, you also need to handle Jango's secure requests. Fortunately, to do this, but there are some things that it is not mentioned but I have had to do with NGNX.

In your DNS settings, how do you find a secure request for Django 

  SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')

In your nginx configuration, you need to set up the X-Forward-Protocol header (and for X-forwarded-for- / X -skem headers are also useful). 

  Proxy_Set_Header X-Scheme $ Scheme; Proxy_set_header ex-forward-protocol $ scheme; Proxy_set_header X-Forward- $ proxy_add_x_forwarded_for;

You need a proxy below header, so Django is able to read the correct host and port, which is used to create full URL and CSRF , Among other things 

  proxy_set_header host $ http_host;

Note that I have $ http_host instead of $ host_port $ host_port or $ host: $ server_port is the variable used. This will ensure that the DEGENGO still respect CSRF requests on non-standard ports, while still giving you the correct absolute URL.

With most things related to NGNX and Goncorn, YMMV and it becomes easier after you many times.


Comments

Post a Comment

Popular posts from this blog

winforms - C# Form - Property Change -

-
I have a form that has a property named car A class with many properties. The Properties is being displayed on the current car on the basis of some user actions that are being displayed. So I have to know whether the property has been allocated or set to zero. I'm aware of INotifyPropertyChanged , but in my case I'm not sure that since this change I have changed my car properties car do not want to monitor the property. Any idea how to accomplish this? In advance thank you If you have created a true asset in your class then You should be a great and setter, you can add the code directly to the form property in order to take action on the basis of "form": Public partial category Form 1: form {public form 1 () {InitializeComponent (); } // define car square public class car {public string name = string. Empty; } // private car to keep the value of the current car private variable _car = null; // Property of public form which you can ru...
Read more

java - Messages from .properties file do not display UTF-8 characters -

-
Image
In the form of a title, I can only add that if I enter the html file manually, then it Okay. View Rolver: & lt; Bean id = "templorellolver" class = "org.thymeleaf.templateresolver.ServletContextTemplateResolver" & gt; & Lt; Property name = "prefix" value = "/ web-nf / templates" /> & Lt; Property name = "suffix" value = ". Html" /> & Lt; Property Name = "Template Mode" Value = "HTML5" /> & Lt; Asset name = "cacheable" value = "wrong" /> & Lt; Property Name = "characterEncoding" value = "UTF-8" /> & Lt; / Bean & gt; & Lt; Bean id = "Template Engine" class = "org.thymeleaf.spring3.SpringTemplateEngine" & gt; & Lt; Property Name = "Temploreolar" ref = "Templarolver" /> & Lt; / Bean & gt; & Lt; Bean square = "org.thymeleaf.spring3.view.Thymel...
Read more

javascript - amcharts makechart not working -

-
I am trying to create an amiratars serial chart on my Durandal single page application. This chart was working fine on Chrome browser but it is not working on IE. Can you please help me in this regard. Error while using Amcharts. The Macchart () method does not support the object in this object in IE.
Read more