堆栈内存溢出
  简体   繁体   English

在Nginx后面通过HTTPS访问Django Admin

[英]Accessing Django Admin over HTTPS behind Nginx

 原文  2012-08-13 23:01:56       django/ redirect/ https/ nginx/ admin

问题描述

I've got django running in uwsgi behind nginx. 我在dginx后面的uwsgi中运行django。 When I try to access https://site/admin/ I get the expected login screen. 当我尝试访问https://site/admin/我得到了预期的登录屏幕。 Logging in via the form seems to succeed, however, I simply end up back at the login screen. 通过表单登录似乎成功,但是,我只是回到登录屏幕。 Firebug shows a redirect to the plain http://site/admin/ url which is then redirectec by nginx to the https url. Firebug显示重定向到普通的http://site/admin/ url,然后通过nginx将redirectec重定向到https网址。

Help! 救命! I'm confused as to how to force the admin app to use only https urls. 我很困惑如何强制管理应用程序只使用https网址。

Note this seems to be a related, unanswered question: https://example.com/admin redirects to https://admin in Django Nginx and gunicorn 请注意,这似乎是一个相关的,未回答的问题: https://example.com/admin重定向到https://管理员在Django Nginx和gunicorn

3 个解决方案

解决方案1
 10 已采纳  2012-08-16 19:56:35

Adding the following to nginx.conf fixed the issue for me. 在nginx.conf中添加以下内容为我解决了这个问题。 

location / {
    ...
    include                 uwsgi_params;
    uwsgi_param             HTTP_X_FORWARDED_PROTOCOL https;
    uwsgi_param             UWSGI_SCHEME   $scheme;
}

Along with adding the following to settings.py: 除了将以下内容添加到settings.py: 

SESSION_COOKIE_SECURE = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
CSRF_COOKIE_SECURE = True

解决方案2
 2  2012-08-15 20:39:35

the following should be all you need to have all traffic to the admin app redirected to https 以下应该是将管理员应用程序的所有流量重定向到https所需的全部内容 

location /site/admin/ {
  rewrite ^ https://$host/$request_uri permanent;
}

If that doesn't work, can you post your actual nginx config bits? 如果这不起作用,你可以发布你的实际nginx配置位吗? Can't really suggest more then that without your actual config to look at. 如果没有你的实际配置,那么真的无法提出更多建议。

解决方案3
 0  2017-10-17 22:18:22

Update for Django 1.8 settings.py: Django 1.8 settings.py的更新: 

SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_SSL_REDIRECT = True
SECURE_REDIRECT_EXEMPT = [r'^(?!admin/).*']

And for your developement rig you may want to overwrite SECURE_SSL_REDIRECT = False in your local settings. 对于您的开发工具,您可能希望在本地设置中覆盖SECURE_SSL_REDIRECT = False

暂无
暂无

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

相关问题 在nginx代理后面带有https的Django URL - Django urls with https behind nginx proxy Https上的OpenLayersWidget和Django Admin Maps - OpenLayersWidget & Django Admin Maps over Https 在Django Nginx和gunicorn中,https://example.com/admin重定向到https:// admin - https://example.com/admin redirects to https://admin in Django Nginx and gunicorn 使用apache2在https上运行django admin - Running the django admin over https using apache2 在https后面的django频道 - django channels behind https Django,Nginx,HTTPs和HttpResponseRedirect - Django, Nginx, HTTPs and HttpResponseRedirect 在Django的Nginx中强制使用HTTPS - Force HTTPS in Nginx for Django Django nginx管理媒体 - Django nginx admin media 在Nginx后面调试Django / Gunicorn - Debugging Django/Gunicorn behind Nginx 用nginx在本地主机子域后面的django - django behind subdomain on localhost with nginx
相关标签
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM