How can I prevent a redirect loop by using SSL with gunicorn / nginx?


I get a redirect loop when using SSL middleware to redirect certain urls to HTTPS. What should I do?

My nginx config is set up to forward requests to gunicorn.

There are a couple of steps here.

First of all, modify the way your middleware checks for SSL:

  def _is_secure(self, request):
    if request.is_secure():
      return True

    if 'HTTP_X_SSL_PROTOCOL' in request.META:
      return True

    return False

Then change your nginx config as follows:

server {
    listen 80;
    listen 443 ssl;


    location / {

        proxy_set_header X-SSL-Protocol $ssl_protocol;
        proxy_pass http://localhost:8000/;

proxy_set_header will only be passed on if ssl_protocol is not null, i.e., it's a secure connection.

Restart nginx and you're done.