From 2ff96ffd8760138b26a251cf9396bd5bc5e289ed Mon Sep 17 00:00:00 2001 From: yackob03 Date: Wed, 2 Oct 2013 14:35:54 -0400 Subject: [PATCH] Try to use the presense of http to mark a connection as insecure rather than using the presense of https to make it as secure. --- wsgi.conf | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/wsgi.conf b/wsgi.conf index d4c459e2b..f5df7de10 100644 --- a/wsgi.conf +++ b/wsgi.conf @@ -7,11 +7,11 @@ WSGIPassAuthorization On WSGIChunkedRequest On - SetEnvIf X-Forwarded-Proto https HTTPS=1 + SetEnvIf X-Forwarded-Proto !http HTTPS=1 RewriteEngine On - RewriteCond %{HTTP:X-Forwarded-Proto} !https - RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} [L,R=permanent] + RewriteCond %{HTTP:X-Forwarded-Proto} http + RewriteRule !/status https://%{SERVER_NAME}%{REQUEST_URI} [L,R=permanent] Alias /static /opt/python/current/app/static/