SSL Certification - Githubissues

civictechindex / CTI-website-frontend

Join a worldwide movement to catalog  every open source  civic tech project.

https://civictechindex.org

MIT License

30 stars 30 forks source link

SSL Certification #1183

Open bribenn opened 2 years ago

bribenn commented 2 years ago

Overview

The website needs to function properly when typed as "http://civictechindex.org", "https://civictechindex.org", and "civictechindex.org"

Action Items

[ ] Set up an instance for each case and make sure it is working

Resources/Instructions

This is done in AWS account

deserat commented 2 years ago

This is best handled at the ops level, by the CDN or LoadBalancer. A clear text request should never make it to the application server.

I can assist in doing this for the following platforms; Nginx, Cloudflare, and Google Compute Platform.

That said, the django setting SECURE_SSL_REDIRECT can be set to to True to accomplish this, given all the right headers are passed from whatever is fronting this application.