Fatal编程技术网
  • django/
  • Django 使用zscaler作为反向代理的nginx web服务器

Django 使用zscaler作为反向代理的nginx web服务器

django nginx

Django 使用zscaler作为反向代理的nginx web服务器,django,nginx,zscaler,Django,Nginx,Zscaler,我有一个在Django上运行的网站,Nginx作为Web服务器,Redhat8操作系统。到目前为止,该网站运作良好。现在,我们正试图在nginxweb服务器前面放置一个反向代理。但我的身份验证失败,并显示一条错误消息 Forbidden (403) CSRF verification failed. Request aborted. You are seeing this message because this site requires a CSRF cookie when submitt

我有一个在Django上运行的网站,Nginx作为Web服务器,Redhat8操作系统。到目前为止,该网站运作良好。现在,我们正试图在nginxweb服务器前面放置一个反向代理。但我的身份验证失败,并显示一条错误消息

Forbidden (403)
CSRF verification failed. Request aborted.

You are seeing this message because this site requires a CSRF cookie when submitting forms. This cookie is required for security reasons, to ensure that your browser is not being hijacked by third parties.

If you have configured your browser to disable cookies, please re-enable them, at least for this site, or for “same-origin” requests.
我所了解的是,当请求通过反向代理传递时,CSRF cookies设置不正确。 但是,当在没有反向代理的情况下访问同一URL时,它会有一个cookie。 下面是我的nginx.config文件,供您参考

upstream app_server {
    server unix:/run/gunicorn.sock fail_timeout=0;
}
server {
    listen 443 ssl default_server;

    ssl on;
    ssl_certificate /etc/httpd/ssl/portal_com.pem;
    ssl_certificate_key /etc/httpd/ssl/portal_com.key;
    server_name portal.company.com;  # <- insert here the ip address/domain name
    ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

    keepalive_timeout 5;
    client_max_body_size 4G;

    access_log /home/Project/logs/nginx-access.log;
    error_log /home/Project/logs/nginx-error.log;

    proxy_connect_timeout   20;
    proxy_send_timeout     20;
    proxy_read_timeout     20;
    send_timeout           20;
    client_body_timeout    20;

    location /static/ {
        alias /home/project/static/;
    }


    location /media/ {
        alias /home/Project/media/;
        
    location / {
        try_files $uri @proxy_to_app;
    }

    location @proxy_to_app {
      proxy_set_header X-Forwarded-Host $host;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

      proxy_set_header Cookie $http_cookie;
      proxy_set_header Host $http_host;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_redirect off;
      proxy_pass http://app_server;
      proxy_connect_timeout   20;
      proxy_send_timeout      20;
      proxy_read_timeout      20;
      send_timeout            20;
      client_body_timeout     20;
    }
}


上游应用程序服务器{
服务器unix:/run/gunicorn.sock失败\u超时=0;
}
服务器{
侦听443 ssl默认_服务器;
ssl-on;
ssl_certificate/etc/httpd/ssl/portal_com.pem;
ssl\u证书\u密钥/etc/httpd/ssl/portal\u com.key;
server_name portal.company.com;#使用该指令。