Securing Django web server with SSL - HTTPS and Lets Encrpyt




Welcome to Part 12 of our Django tutorial series, in this part we're going to be discussing how to enable SSL for HTTPS using Lets Encrypt on our nginx server. Doing this with Lets Encrypt is completely free.

Run:

sudo apt-get update

sudo apt-get upgrade

sudo apt-get install git

cd /home/django/django_project/

Next, we want to grab the Lets Encrypt files and set things up:

git clone https://github.com/letsencrypt/letsencrypt

cd letsencrypt

./letsencrypt-auto --help

Next, we're going to grab our certificate:

service nginx stop

./letsencrypt-auto certonly --standalone -d example.com ...replacing example.com with your website.

This will just give you the certificate, but it will not configure your server to actually use that certificate. Thus, next:

sudo nano /etc/nginx/sites-available/django

At the top, you want to comment out the two lines about listening on port 80, then add the following:

server {
	#listen 80 default_server;
	#listen [::]:80 default_server ipv6only=on;
	listen 443 ssl;
	server_name psyber.io;
	ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
	ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;

Next, scroll down to the bottom of the file, and add another sever statement:

server {
	listen 80;
	server_name example.com;
	return 301 https://$host$request_uri;
}

What this does for us is redirects all traffic to be HTTPS traffic. This is not necessary, but I have no idea why you would elect not to do this. In some cases, things like advertisements may not have a secure delivery option, thus breaking the ads on your page, so forcing HTTPS could mean you lose money. I do not find this to be a worthy reason to not force HTTPS, but you may consider that differently. Note that while your Google Adsense account may initially suffer for this reason, your Google organic search results will benefit from your website being a secure website.

Replacing example.com with your domain, save these changes, restart nginx: service nginx restart

Loading your domain now should yield you the green lock symbol and HTTPS.


}



  • Django Web Development with Python Introduction

  • First Website - Django Web Development Tutorial

  • Jinja Templates - Django Web Development Tutorial

  • Design with HTML/CSS - Django Web Development Tutorial

  • Jinja Variables - Django Web Development Tutorial

  • Beginning a Blog - Django Web Development Tutorial

  • Views and Templates - Django Web Development Tutorial

  • Database migrations - Django Web Development Tutorial

  • Admin control panel - Django Web Development Tutorial

  • Finishing blog - Django Web Development Tutorial

  • Publishing Django Project to a web server tutorial

  • Securing Django web server with SSL - HTTPS and Lets Encrpyt