Django: nginx web server with Zscaler as a reverse proxy
I have a website running on Django, with Nginx as the web server, on Red Hat 8. Until now, the website has been working well. Now we are trying to put a reverse proxy in front of the nginx web server. But my authentication fails with an error message:
Forbidden (403)
CSRF verification failed. Request aborted.
You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.
If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for “same-origin” requests.
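What I understand is that the CSRF cookie is not set correctly when the request passes through the reverse proxy.
However, when the same URL is accessed without the reverse proxy, it does have a cookie.
Below is my nginx.config file for your reference: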
upstream app_server {
    server unix:/run/gunicorn.sock fail_timeout=0;
}
server {
    listen 443 ssl default_server;
    ssl on;
    ssl_certificate /etc/httpd/ssl/portal_com.pem;
    ssl_certificate_key /etc/httpd/ssl/portal_com.key;
    server_name portal.company.com; # <- insert here the ip address/domain name
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
    keepalive_timeout 5;
    client_max_body_size 4G;
    access_log /home/Project/logs/nginx-access.log;
    error_log /home/Project/logs/nginx-error.log;
    proxy_connect_timeout 20;
    proxy_send_timeout 20;
    proxy_read_timeout 20;
    send_timeout 20;
    client_body_timeout 20;
    location /static/ {
        alias /home/project/static/;
    }
    location /media/ {
        alias /home/Project/media/;
    }
    location / {
        try_files $uri @proxy_to_app;
    }
    location @proxy_to_app {
        proxy_set_header X-Forwarded-Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header Cookie $http_cookie;
        proxy_set_header Host $http_host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_redirect off;
        proxy_pass http://app_server;
        proxy_connect_timeout 20;
        proxy_send_timeout 20;
        proxy_read_timeout 20;
        send_timeout 20;
        client_body_timeout 20;
    }
}
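To check the observation above (the cookie is present on the direct path but not behind the proxy), the following added example, which is not part of the original post, compares the `Set-Cookie` headers of two saved responses. It assumes Django's default cookie name `csrftoken`; the function names and the sample headers are constructed for illustration.

```python
from http.cookies import SimpleCookie

CSRF_COOKIE = "csrftoken"  # Django's default CSRF_COOKIE_NAME (assumed unchanged)

# Constructed sample response headers (e.g. as saved from `curl -i`), not real captures.
DIRECT = [
    "HTTP/1.1 200 OK",
    "Set-Cookie: csrftoken=constructedtoken123; Max-Age=31449600; Path=/; SameSite=Lax; Secure",
]
PROXIED_MISSING = ["HTTP/1.1 200 OK", "Content-Type: text/html; charset=utf-8"]
PROXIED_OTHER_DOMAIN = [
    "HTTP/1.1 200 OK",
    "Set-Cookie: csrftoken=constructedtoken456; Domain=portal.internal.example; "
    "Max-Age=31449600; Path=/; SameSite=Lax; Secure",
]

def parse_set_cookies(header_lines):
    """Return {cookie_name: {attribute: value}} from raw response header lines."""
    cookies = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        if name.strip().lower() != "set-cookie":
            continue
        jar = SimpleCookie()
        jar.load(value.strip())
        for key, morsel in jar.items():
            # Keep only attributes that were actually sent (unset ones are "").
            cookies[key] = {k: v for k, v in morsel.items() if v}
    return cookies

def compare_csrf_cookie(direct_headers, proxied_headers, cookie=CSRF_COOKIE):
    """List differences in the CSRF cookie between the direct and proxied response."""
    direct = parse_set_cookies(direct_headers)
    proxied = parse_set_cookies(proxied_headers)
    if cookie not in direct:
        return [f"{cookie} not set even on the direct path"]
    if cookie not in proxied:
        return [f"{cookie} is set directly but missing behind the proxy"]
    findings = []
    # Token values rotate per response, so only the attributes are compared.
    for attr in sorted(set(direct[cookie]) | set(proxied[cookie])):
        d, p = direct[cookie].get(attr), proxied[cookie].get(attr)
        if d != p:
            findings.append(f"{cookie} attribute {attr!r} differs: direct={d!r} proxied={p!r}")
    return findings

if __name__ == "__main__":
    for label, proxied in (("missing", PROXIED_MISSING), ("domain", PROXIED_OTHER_DOMAIN)):
        print(label, compare_csrf_cookie(DIRECT, proxied))
```
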