Hi Django peeps,
Right now, I am in the middle of trying to secure a django app's admin
and store areas (satchmo).
I have installed a self-signed certificate for testing purposes and I
am able to encrypt all pages just fine EXCEPT for the admin page. Here
is my setup:
ubuntu 8.04 and apache2 with Django 1.0 and satchmo
And here is my set of situations that work and do not work:
Working: Encrypting all pages except for the admin area. To do this, I
simply went into my apache sites-enabled to mysite.com and did the
following:
changed <VirtualHost *:80> to <VirtualHost *:443>
and added in these lines toward the bottom of the directory:
#SSLEngine On
#SSLCertificateFile /etc/apache2/ssl/server.crt
#SSLCertificateKeyFile /etc/apache2/ssl/server.key
I also included {'SSL' : True} in the django urls.py to any URL that I
wanted to be encrypted including the admin URL: (r'^admin/', include
(admin.site.urls), {'SSL' : True}),
After I restart apache and go to my page, everything is https with no
problem. However, when I try to go to my admin page, it redirects me
from https:mysite.com/admin to http://mysite.com/admin and gives a 404
url cannot be found error.
Something else I tried was the directions given at:
http://www.tangerinesmash.com/2009/red-robot-studios-part-3-securing-django-ssl/
Using these directions, I tried to encrypt only the admin area with
the rewrite rule and got the good old error:
"Looks like your browser isn't configured to accept cookies. Please
enable cookies, reload this page, and try again."
What seems to be happening to me, is that django is forcing the admin
login to be http instead of https. Is there some setting that I am
missing out on?
Thanks in advance!
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups
"Django users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/django-users?hl=en
-~----------~----~----~----~------~----~------~--~---
