FastCGI application behind NGINX is unable to detect that HTTPS secure connection is used

Question

I'm running FastCGI behind Nginx, and need to detect when the url is accessed via HTTPS. However, my Django web application always reports that the connection is HTTP (request.is_secure() == False). However, SSL is setup correctly, and I've verified my https:// urls are secure with an SSL checker.

How can I get Django to correctly detect when the request is from an HTTPS url?

My Nginx settings are:

http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    keepalive_timeout  65;

    gzip  on;

    server {
        listen       80;
        listen       443 default ssl;
        ssl_certificate   /home/webapp/ssl.crt
        ssl_certificate_key /home/webapp/ssl.key

        server_name  myapp.com;
        access_log /home/webapp/access.log
        error_log  /home/webapp/error.log

        root   /home/mywebapp;

        location / {
               # host and port to fastcgi server                      
           fastcgi_pass 127.0.0.1:8801;
           fastcgi_param PATH_INFO $fastcgi_script_name;
           fastcgi_param REQUEST_METHOD $request_method;
           fastcgi_param QUERY_STRING $query_string;
           fastcgi_param SERVER_NAME $server_name;
           fastcgi_param SERVER_PORT $server_port;
           fastcgi_param SERVER_PROTOCOL $server_protocol;
           fastcgi_param CONTENT_TYPE $content_type;
           fastcgi_param CONTENT_LENGTH $content_length;
           fastcgi_pass_header Authorization;
           fastcgi_intercept_errors off;
        }
    }
}

I start the Django FastCGI process with:

python /home/webapp/manage.py runfcgi method=threaded host=127.0.0.1 port=8801 pidfile=/home/webapp/fastcgi.pid 

Answer 1

Thanks to Yuji for the answer. I've updated my server block to conditionally inject HTTPS on or HTTPS off, depending on $server_port:

{

server {
    listen       80;
    listen       443 default ssl;

    if ($server_port = 443) { set $https on; }
    if ($server_port = 80) { set $https off; }

    ssl_certificate   /home/webapp/ssl.crt
    ssl_certificate_key /home/webapp/ssl.key

    server_name  myapp.com;
    access_log /home/webapp/access.log
    error_log  /home/webapp/error.log

    root   /home/mywebapp;

    location / {
           # host and port to fastcgi server                      
       fastcgi_pass 127.0.0.1:8801;
       fastcgi_param PATH_INFO $fastcgi_script_name;
       fastcgi_param REQUEST_METHOD $request_method;
       fastcgi_param QUERY_STRING $query_string;
       fastcgi_param SERVER_NAME $server_name;
       fastcgi_param SERVER_PORT $server_port;
       fastcgi_param SERVER_PROTOCOL $server_protocol;
       fastcgi_param CONTENT_TYPE $content_type;
       fastcgi_param CONTENT_LENGTH $content_length;
       fastcgi_pass_header Authorization;
       fastcgi_intercept_errors off;

       fastcgi_param HTTPS $https;
    }
}

}

Answer 2

Make sure nginx is sending fastcgi_param HTTPS on for connections on 443.