Reputation: 393
request.is_secure() always returns false with uwsgi server
We are using Ngnix + uWSGI setup for our Django-based application.
Our problem is that request.is_secure() always returns false even though we are serving content on https.
As mentioned in the uWSGI documentation, I have set uwsgi_param UWSGI_SCHEME $scheme in nginx configuration or uwsgi_params, but it is of no use.
We also have Nginx + apache based setup for the same application, there it works just fine.
Any help will be appreciated.
Thanks in advance.
Upvotes: 8
Views: 6539
Answers (5)
Reputation: 10680
For gunicorn server fixed with:
Add this line to nginx.conf file:
proxy_set_header X-Forwarded-Proto $scheme;
And add this line to settings.py file:
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
Upvotes: 9
Reputation: 321
I recommend to use request.scheme instead of request.is_secure() to check if we currently using https protocol.
Upvotes: 3
Reputation: 1644
I had half a day of hell fixing this issue, so saving everyone the headache
Firstly,
set
uwsgi_param HTTP_X_FORWARDED_PROTO $scheme;
in nginx.conf
Then drop this line into settings.py
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
If you're on Django<1.4, you'll also need to enable the django-secure middleware
Upvotes: 5
Reputation: 393
Problem solved !!
We tried couple of things to fix it but couldn't get it working. I will put some more information here about the problem that we analyzed later on. Our current setup on webfaction looks like this :
WebFaction Nginx -> our nginix -> uwsgi server
what we found that there was some problem in configuration of webfaction nginx that it was passing all the traffic of (https and http) to our nginx on http protocol itself. So first we changed this setup to pass on the right traffic to right server.
Still we found that $scheme set by both nginx server is not correct, so what we finally did is to set the following in our nginx for https configuration:
uwsgi_param UWSGI_SCHEME https;
this solved the problem as of now.
Upvotes: 6
Reputation: 12943
is nginx the https terminator or you have some other server before it ?
In such a case the $scheme variable in nginx will always map to 'http'. You have to manually set it to 'https'
uwsgi_param UWSGI_SCHEME https;
Upvotes: 1
Related Questions
- Django login doesn't work with uwsgi/nginx
- Connecting uwsgi with Nginx does not work
- uwsgi: unrecognized option '--https'
- uwsgi http is ambiguous
- Django + uWSGI + Nginx + SSL - request for working configuration (emphasis on SSL)
- uWSGI configuration to use HTTPS
- Nginx and uWSGI stripping HTTP_AUTHORIZATION
- nginx with uwsgi and flask shows bad request for https connections only
- Django + uwsgi + nginx + SSL
- FastCGI application behind NGINX is unable to detect that HTTPS secure connection is used