- 18 Feb, 2016 3 commits
-
-
Vladimir Mencl authored
Actually remove the X-Forwarded-SSL header from the Apache mod_wsgi snippet.
-
Vladimir Mencl authored
As per discussion in in #8 (primary mode of deployment is with mod_wsgi): * Comment out the header setting at Django side and also move it from settings.py to local_settings.py (because it's now a customizable item). * Change the header name to ````X-Forwarded-Protocol: https```` * Change the Apache recommendation to use the header name and take it out of the mod_uwsgi snippet - and instead add a new section describing mod_proxy_http as an option.
-
Vladimir Mencl authored
Django constructs redirect URLs as https only if request.is_secure() is true. And that evaluates to true if either uwsgi sets wsgi.url_scheme to https, or if the request header contains a key + value configured as a tuple in settings.SECURE_PROXY_SSL_HEADER As some parts might be accessed over plain http and some over https (if Apache exposes both ports), the easiest is to: * Use the conventional header: X-Forwarded-SSL: on * Set this header from Apache SSL VirtualHost * Configure Django to check for this header with: SECURE_PROXY_SSL_HEADER = ('X-Forwarded-SSL', 'on') As this is an essential security setting that shouldn't need additional tweaks, adding the setting to settings.py (and not local_settings.py). Without this fix, the login form at /admin/ would upon successful login redirect to plain http, even when accessed over https.
-
- 21 Nov, 2015 1 commit
-
-
Zenon Mousmoulas authored
-
- 20 Nov, 2015 1 commit
-
-
Kroustouris Stauros authored
-
- 04 Nov, 2015 1 commit
-
-
Kroustouris Stauros authored
-
- 28 Sep, 2015 1 commit
-
-
Kroustouris Stauros authored
-
- 14 Jul, 2015 1 commit
-
-
Kroustouris Stauros authored
-
- 29 Oct, 2014 1 commit
-
-
Kroustouris Stavros authored
-
- 06 Oct, 2014 1 commit
-
-
Leonidas Poulopoulos authored
-
- 02 Oct, 2014 8 commits
-
-
Zenon Mousmoulas authored
-
Zenon Mousmoulas authored
-
Zenon Mousmoulas authored
-
Zenon Mousmoulas authored
-
Kroustouris Stauros authored
-
Kroustouris Stavros authored
-
Zenon Mousmoulas authored
-
Zenon Mousmoulas authored
-
- 30 Sep, 2014 4 commits
-
-
Zenon Mousmoulas authored
-
Kroustouris Stavros authored
Just mention about EXTRA_ prefix in local settings
-
Zenon Mousmoulas authored
-
Kroustouris Stauros authored
-
- 29 Sep, 2014 14 commits
-
-
Kroustouris Stauros authored
-
Kroustouris Stauros authored
-
Kroustouris Stauros authored
-
Kroustouris Stauros authored
-
Kroustouris Stavros authored
-
Kroustouris Stauros authored
-
Kroustouris Stauros authored
-
Kroustouris Stauros authored
-
Kroustouris Stavros authored
-
Kroustouris Stauros authored
-
Kroustouris Stauros authored
-
Kroustouris Stavros authored
-
Kroustouris Stauros authored
-
Kroustouris Stauros authored
Add a wsgi file in order to remove it in case of upgrade
-
- 26 Sep, 2014 3 commits
-
-
Kroustouris Stauros authored
-
Kroustouris Stauros authored
-
Kroustouris Stauros authored
-
- 05 Aug, 2014 1 commit
-
-
Stauros Kroustouris authored
-