|Project Name||Stars||Downloads||Repos Using This||Packages Using This||Most Recent Commit||Total Releases||Latest Release||Open Issues||License||Language|
|Django Sslserver||596||337||7||3 years ago||13||December 10, 2019||34||mit||Python|
|A SSL-enabled development server for Django|
|Django Secure||479||407||3 years ago||8||March 31, 2020||bsd-3-clause||Python|
|This project was merged into Django 1.8, and is now unsupported and unmaintained as a third-party app.|
|Django Sslify||337||300||a year ago||8||April 06, 2015||9||unlicense||Python|
|Force SSL on your Django site.|
|A blog made with django designed like a scientific paper written in LaTeX.|
|Django Rest Framework Proxy||124||9||3 years ago||7||October 29, 2015||15||Python|
|Django Rest Framework Proxy views|
|Django Ssl Auth||69||5 years ago||1||December 15, 2021||1||mit||Python|
|SSL authentication backend & middleware for Django for authenticating users with SSL client certificates|
|Aiohttp Json Rpc||52||4||4||2 years ago||52||December 14, 2020||8||apache-2.0||Python|
|Implements JSON-RPC 2.0 using aiohttp|
|Django Up||48||3 months ago||5||mit||Jinja|
|Zero configuration Django deployments|
|Complete system to create your own server ddns|
Do you want to force HTTPs across your Django site? You're in the right place!
Enabling SSL on your Django site should be easy, easy as in one-line-of-code
easy. That's why I wrote
The goal of this project is to make it easy for people to force HTTPS on every page of their Django site, API, web app, or whatever you're building. Securing your site shouldn't be hard.
This package was written before Django 1.8. If you are using Django 1.8 or later, you do not need this library in order to force HTTPS. Instead, you can just change your
settings.py file to include
# in settings.py SECURE_SSL_REDIRECT = True
If you are using Heroku, you may need to add
SECURE_PROXY_SSL_HEADER as well.
# in settings.py SECURE_SSL_REDIRECT = True SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
Django's documentation includes more details about security settings for HTTPS.
If you are using an older version of Django (1.7 or earlier), then this package is for you.
django-sslify, simply run:
$ pip install django-sslify
This will install the latest version of the library automatically.
If you're using Heroku, you should add
django-sslify>=0.2 to your
$ echo 'django-sslify>=0.2.0' >> requirements.txt
Once you've done this, the next time you push your code to Heroku this library will be installed for you automatically.
To use this library, and force SSL across your Django site, all you need to do
is modify your
settings.py file, and prepend
sslify.middleware.SSLifyMiddleware to your
# settings.py MIDDLEWARE_CLASSES = ( 'sslify.middleware.SSLifyMiddleware', # ... )
sslify.middleware.SSLifyMiddleware is the first middleware
class listed, as this will ensure that if a user makes an insecure request
(over HTTP), they will be redirected to HTTPs before any actual
If you're using Heroku, you should also add the following settings to your Django settings file:
SECURE_PROXY_SSL_HEADER = ('HTTP_X_FORWARDED_PROTO', 'https')
This ensures that Django will be able to detect a secure connection properly.
If your site is running on a non-standard SSL port, you can change
django-sslify's default redirection behavior by setting a special variable
SSLIFY_PORT = 999
If you'd like to disable SSLify in certain environments (for local development, or running unit tests), the best way to do it is to modify your settings file and add the following:
SSLIFY_DISABLE = True
You can also disable SSLify for certain requests only (useful for exposing
HTTP-only web hook URLs, etc) by adding a callable with a single request
parameter to the
SSLIFY_DISABLE_FOR_REQUEST list. Returning
your callable will disable SSL redirects.
SSLIFY_DISABLE_FOR_REQUEST = [ lambda request: request.get_full_path().startswith('/no_ssl_please') ]
This code was initially taken from this StackOverflow thread.
This code has been adopted over the years to work on Heroku, and non-Heroku platforms.
If you're using Heroku, and have no idea how to setup SSL, read this great article which talks about using the new SSL endpoint addon (which totally rocks!).
If you're running your Django app behind an Nginx load balancer, and are seeing infinite redirects, the solution is to add the following line:
proxy_set_header X-Forwarded-Proto $scheme;
nginx.conf file, inside of the relevant
location blocks. This
Stack Overflow thread
might also be useful.
This project is only possible due to the amazing contributors who work on it!
If you'd like to improve this library, please send me a pull request! I'm happy to review and merge pull requests.
The standard contribution workflow should look something like this:
Also, if you're making changes, please write tests for your changes -- this project has a full test suite you can easily modify / test.
To run the test suite, you can use the following commands:
$ cd django-sslify $ python setup.py develop $ python manage.py test sslify
All library changes, in descending order.
Released January 15, 2018.
Released December 28, 2014.
SSLIFY_DISABLE_FOR_REQUESTsetting which allows a user to specify functions that can choose to reject SSL -- this is useful for situations where you might want to force SSL site-wide EXCEPT in a few circumstances (webhooks that don't support SSL, for instance).
Released on November 23, 2014.