Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

How to force the use of SSL for some URL of my Django Application?

I want to be sure that for some URL of my website, SSL will be use. I saw a lot of answer already on SO.

Force redirect to SSL for all pages apart from one

So I think I will use mod_rewrite.

My question is more about how to configure the Virtual Host to run my Django Application over HTTP and over HTTPS without problems. I am using WSGI.

Is it a problem to just duplicate the configuration over *:443 and over *:80? What should I do to have the best configuration?

like image 315
Natim Avatar asked Oct 10 '09 15:10

Natim


People also ask

How do I change http to https in Django?

The runserver command only handles http. However if you have SECURE_SSL_REDIRECT set to True then you will be redirected from http to https. See the Django docs on SSL/HTTPS for more information.


1 Answers

If by WSGI you actually mean Apache/mod_wsgi, then although mounted WSGI applications normally get run in their own sub interpreters, the 80/443 split is a special case and even though in different VirtualHost so long as mount point for WSGIScriptAlias, and the ServerName are the same, they will be merged.

<VirtualHost *:80>
ServerName www.example.com

WSGIScriptAlias / /some/path/django.wsgi.
</VirtualHost>

<VirtualHost *:443>
ServerName www.example.com

WSGIScriptAlias / /some/path/django.wsgi.
</VirtualHost>

This will happen for daemon mode as well, but with daemon mode you need to define only a single daemon process group in first VirtualHost definition and then just refer to that from both with WSGIProcessGroup.

<VirtualHost *:80>
ServerName www.example.com

WSGIDaemonProcess mydjangosite ...
WSGIProcessGroup mydjangosite

WSGIScriptAlias / /some/path/django.wsgi.
</VirtualHost>

<VirtualHost *:444>
ServerName www.example.com

WSGIProcessGroup mydjangosite

WSGIScriptAlias / /some/path/django.wsgi.
</VirtualHost>

The WSGIProcessGroup can only reach across like to that VirtualHost for same ServerName.

Django provides a is_secure() method for determining when request came via HTTPS which derives from WSGI variable with request called 'wsgi.url_scheme' which is set by mod_wsgi.

So, you would have one single Django WSGI script file and settings file. You just need to duplicate application mounting as decsribed in Apache/mod_wsgi configuration.

like image 150
Graham Dumpleton Avatar answered Oct 28 '22 03:10

Graham Dumpleton