Well, was wondering what the recommended way for securing the django admin site with webfaction certificate, an internet search recommend the use of a middleware (which I'm not familar with), but was wondering is there a recommended & easy way for doing so in webfaction?
Yes, there is a much easier way to do this than through a middleware component. Simply host your django application on two website records simultaneously -- one for HTTP, and one for HTTPS. The front-end Nginx webserver will handle removing the encryption layer, which then forwards to your Django application. This allows SSL to be used transparently with your existing application.
Optionally, you can then implement a redirect in your httpd.conf for the HTTPS website to redirect to your HTTP site, for all URLs that do not fall under /admin. For example:
And you may want a parallel one for redirecting non-HTTPS requests for /admin to the HTTPS site:
answered Dec 02 '10 at 00:58
I'm not sure if this is what everyone means, but the simplest solution I have found is this:
It might take a little while for the update to take affect. One of the other answers shows you how to update your httpd.conf to redirect only /admin to https.
As a note I noticed that when I first checked https and updated the https version of the site didn't work. Then I unchecked it and pressed update again. The https version of the site immediately started working but then stopped after a few minutes. I checked it again, and it didn't work (i'm assuming after some period of time it would start working), so I unchecked it, and made sure it worked which it did and then immediately rechecked the option. It continued working and hasn't stopped since.
answered Jan 18 '11 at 13:06