I've got django running in uwsgi behind nginx. When I try to access https://site/admin/ I get the expected login screen. Logging in via the form seems to succeed, however, I simply end up back at the login screen. Firebug shows a redirect to the plain http://site/admin/ url which is then redirectec by nginx to the https url.

Help! I'm confused as to how to force the admin app to use only https urls.

Note this seems to be a related, unanswered question: https://example.com/admin redirects to https://admin in Django Nginx and gunicorn

加入以下nginx.conf固定我的问题。

location / {
    ...
    include                 uwsgi_params;
    uwsgi_param             HTTP_X_FORWARDED_PROTOCOL https;
    uwsgi_param             UWSGI_SCHEME   $scheme;
}

随着加入以下的settings.py：

SESSION_COOKIE_SECURE = True
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTOCOL', 'https')
CSRF_COOKIE_SECURE = True

下面应该是所有你需要有所有流量重定向到HTTPS管理应用

location /site/admin/ {
  rewrite ^ https://$host/$request_uri permanent;
}

如果不工作，你可以发表你的实际nginx的配置位？ 不能真的建议更多的则是不实际的配置来看待。

更新的Django 1.8 settings.py：

SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
SECURE_SSL_REDIRECT = True
SECURE_REDIRECT_EXEMPT = [r'^(?!admin/).*']

并为您的研究与开发钻机你可能要改写SECURE_SSL_REDIRECT = False在你的本地设置。