Reputation: 9980
How do I determine if my mod_wsgi application is running on HTTPS?
I've just inherited a Python application which is running under Apache 2.4, mod_wsgi 3.4 and Python 2.7. The same application serves both HTTP and HTTPS requests.
In the existing code, it is trying to determine if the reqeust was HTTPS by checking the environment:
if context.environ.get('HTTPS') not in ['on', '1']:
This check is failing, even when the connection actually was HTTPS. On looking at an extended traceback showing the environment variables, I saw that HTTPS was not actually in the environment passed from Apache.
So my questions are:
- Is this an Apache configuration problem?
- Is this check completely wrong and should be rewritten to check something else? And if so, what?
- Or should I give up and replace Apache with nginx like I really want to do?
Upvotes: 0
Views: 1696
Answers (2)
Reputation: 27772
Apache's mod_ssl can be configured to set the HTTPS environment variable, but doesn't do so by default for performance reasons.
You could explicitly enable it, but since you're using a WSGI application, it's probably a better idea to check the wsgi.url_scheme environment variable instead; the WSGI spec guarantees its presence, and it won't require any further changes to your application if you do eventually move to nginx.
Upvotes: 4
Related Questions
- How to check if mod_wsgi is installed on a shared Apache server?
- Configure SSL Certificate on Apache for Django Application (mod_wsgi)
- How to know using Django if server is secure (uses https)
- Django https ssl configuration error related to mod_wsgi
- HTTPS with Flask-RESTful and mod_wsgi
- Mod_wsgi https Error Connection Refused
- How to enable SSL for the built-in WSGI server from Python?
- How do I do multi-domain https with mod_wsgi?
- SSL based virtual host with django and mod_wsgi
- mod_wsgi, wsgi daemon visible behind _both_ http and https