Try to use the presense of http to mark a connection as insecure rather than using the presense of https to make it as secure.

2013-10-02 14:35:54 -04:00 · 2013-10-02 14:35:54 -04:00 · 2ff96ffd87
commit 2ff96ffd87
parent 504bc7e04e
1 changed files with 3 additions and 3 deletions
--- a/wsgi.conf
+++ b/wsgi.conf
@ -7,11 +7,11 @@ WSGIPassAuthorization On
 WSGIChunkedRequest On

 <VirtualHost *:80>
-  SetEnvIf X-Forwarded-Proto https HTTPS=1
+  SetEnvIf X-Forwarded-Proto !http HTTPS=1

  RewriteEngine On
-  RewriteCond %{HTTP:X-Forwarded-Proto} !https
-  RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=permanent]
+  RewriteCond %{HTTP:X-Forwarded-Proto} http
+  RewriteRule !/status https://%{SERVER_NAME}%{REQUEST_URI} [L,R=permanent]

  Alias /static /opt/python/current/app/static/
  <Directory /opt/python/current/app/>