[英]Django and SSL question
I am planning to sell products by charging credit cards thus using SSL will be critical for Django-powered website. 我计划通过收取信用卡来销售产品,因此使用SSL对于Django支持的网站至关重要。 And I am very naive for this. 我对此非常天真。
My initial django setup plan was using Apache as the webserver and using mod_wsgi to communicate with Django, static media again served by Apache. 我最初的django设置计划是使用Apache作为网络服务器,并使用mod_wsgi与Django进行通信,Apache再次提供静态媒体。 All seemed good until SSL protocol comes to the plans. 在SSL协议达成计划之前,一切似乎都很好。
I will be using SSL protocol for user account configuration pages, the whole purchase sequence and maybe at the django admin. 我将使用SSL协议用于用户帐户配置页面,整个购买顺序,也许在django管理员。
I have checked the official documentations and googled but answers are rather confusing. 我检查了官方文件并用Google搜索,但答案相当令人困惑。
Thanks 谢谢
I have deployed Django apps on SSL using Apache's mod_ssl
and mod_wsgi
. 我使用Apache的mod_ssl
和mod_wsgi
在SSL上部署了Django应用程序。
I am no Apache expert, but here's how I setup SSL for one site (put the directives below in the httpd.conf
file, or in a file referenced from that file, for instance in the sites-enabled
directory, if that is used in your Apache installation). 我不是Apache专家,但这里是我为一个站点设置SSL的方法(将下面的指令放在httpd.conf
文件中,或者放在从该文件引用的文件中,例如在sites-enabled
目录中,如果用于你的Apache安装)。 See the first documentation link below for how to create and use a self-signed certificate. 请参阅下面的第一个文档链接,了解如何创建和使用自签名证书。
NameVirtualHost *:443
<VirtualHost *:443>
SSLEngine On
SSLCertificateFile /etc/apache2/ssl/certificatefile.crt
SSLCertificateKeyFile /etc/apache2/ssl/certificatekeyfile.crt
WSGIScriptAlias / /path/to/file.wsgi
</VirtualHost>
Documentation links: 文档链接:
For those coming through Google, heres an example config for Nginx: 对于那些来自谷歌的人来说,这是Nginx的示例配置:
server {
listen 443 ssl default;
server_name example.com;
ssl on;
ssl_certificate /etc/nginx/server.crt;
ssl_certificate_key /etc/nginx/server.key;
add_header Cache-Control "public, must-revalidate";
# add_header Cache-Control "no-cache";
expires 1d;
add_header Strict-Transport-Security "max-age=2592000; includeSubdomains";
location / {
fastcgi_pass localhost:8000;
fastcgi_param PATH_INFO $fastcgi_script_name;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_pass_request_headers on;
# include fastcgi_params;
}
location /static {
root /home/myapp/application;
}
location = /favicon.ico {
root /home/myapp/application/assets;
access_log off;
log_not_found off;
}
}
Django doesn't handle the SSL stuff. Django不处理SSL的问题。 Apache will take care of that for you transparently and Django will work as usual. Apache将透明地为您处理这个问题,Django将照常工作。 You can check for SSL in a view with request.is_secure()
. 您可以使用request.is_secure()
在视图中检查SSL。
However you must serve links where appropriate as https urls. 但是,您必须在适当的位置提供链接作为https网址。 You also may want to redirect certain http pages to https pages (like the django admin screen). 您还可能希望将某些http页面重定向到https页面(如django管理界面)。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.