> On 10/12/2014 at 17.55, pythonista <software.by.pyt...@gmail.com> wrote:
> 1. Can Django be made hardened via ssl?

"Django" is actually your WSGI server (gunicorn, uwsgi etc.).

> 2. Don't Apache and the Proxy server provide sufficient security so that
> ssl / django is not required?

Apache *is* the proxy server in this case. Your WSGI server should be running 
on an IP address that's never reachable from the external network, even if 
Apache disappears. Either loopback if Apache and WSGI are on the same server, 
or internal firewalled IP if not.

> 3. If the Proxy server goes down I can test some header responses to 
> determine if the call is from a secure call and from the expected server
> If such security is required is that not sufficient?

That's what firewalls are for. Block port 80 if security only allows HTTPS 
traffic to your website.

Erik
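
The bind-address advice in the reply above can be checked mechanically. The following is an added example, not part of the original message: it classifies WSGI listen addresses written as `HOST:PORT`, `[IPv6]:PORT` or `unix:PATH`. The function names and the sample bind strings are assumptions constructed for illustration.

```python
import ipaddress


def classify_bind(bind: str) -> str:
    """Classify a bind string as 'local', 'internal', 'exposed' or 'unknown'."""
    if bind.startswith("unix:"):
        return "local"  # Unix socket: no network listener at all
    if bind.startswith("["):  # bracketed IPv6, e.g. [::1]:8000
        host = bind[1:bind.index("]")]
    else:
        host = bind.rsplit(":", 1)[0] if ":" in bind else bind
    if host in ("", "*"):
        return "exposed"  # empty host means "all interfaces"
    if host == "localhost":
        return "local"
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return "unknown"  # a hostname; cannot be judged without resolving it
    if addr.is_unspecified:  # 0.0.0.0 or ::, listens on every interface
        return "exposed"
    if addr.is_loopback:
        return "local"
    if addr.is_private:
        # Private range: acceptable only if a firewall also restricts it
        # to the proxy host, as the reply points out.
        return "internal"
    return "exposed"


def audit_binds(binds):
    """Return the binds that do not stay on loopback or a Unix socket."""
    return {b: classify_bind(b) for b in binds if classify_bind(b) != "local"}


if __name__ == "__main__":
    # Constructed sample values, not taken from the thread.
    sample = ["127.0.0.1:8000", "unix:/run/gunicorn.sock", "10.0.0.5:8000",
              "0.0.0.0:8000", "[::1]:8000", ":8000"]
    for bind, verdict in audit_binds(sample).items():
        print(f"{bind:28} {verdict}")
```

Anything reported as `internal` still depends on the firewall rule between the proxy and the WSGI host; the address alone does not prove it is unreachable from outside.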
