I’m a huge proponent of encrypting everything. Why make it easy for the government (or other nasty organizations) to snoop on your personal data? As such, over the past several months I’ve been slowly migrating all my Django sites to SSL. Along the way, I realized how horrifically underserved the SSL library market actually is for Django.
A quick search for ‘Django + SSL’ on google returned nothing useful. I couldn’t find any libraries or tools that made ‘forcing HTTPs’ a one liner. The only useful thing I was able to dig up after a bit of hunting was this StackOverflow post that contains some custom middleware code that forces HTTPs redirection.
django-sslify is a piece of cake. Essentially–all you have to do
django-sslify (duh!) and then modify your Django
file like so:
# ... MIDDLEWARE_CLASSES = ( 'sslify.middleware.SSLifyMiddleware', # ... ) # ...
Once you’ve done that, all HTTP requests to your site will be permanently redirected to their HTTPs equivalents, forcing SSL encryption.