I have a Django website in production so DEBUG = False
There is a setting:
SESSION_COOKIE_SECURE = True
If it is set to True then I can access the admin and log in, but then I cannot access the website itself and I get a bad gateway error. If the setting is missing or set to False then I can access the website fine but I cannot log into admin. A bit confusing
Here are the settings related to domains and CSRF:
ALLOWED_HOSTS = ["localhost","102.219.85.91","founderslooking.com","app.founderslooking.com"]
CORS_ALLOWED_ORIGINS = [
"http://localhost",
"http://127.0.0.1",
"http://localhost:file",
"http://app.founderslooking.com",
]
CORS_ORIGIN_ALLOW_ALL = True
CORS_ALLOW_CREDENTIALS = True
SESSION_COOKIE_SAMESITE = None
SESSION_COOKIE_DOMAIN = "founderslooking.com"
SESSION_COOKIE_SECURE = True
CSRF_TRUSTED_ORIGINS = ["http://localhost", "http://*.127.0.0.1", "http://app.founderslooking.com",]
INTERNAL_IPS = [
"127.0.0.1",
]
First time I deploy a Django site so not sure what the settings should be for production. Thanks
I see this error in the NginX log:
*611 upstream prematurely closed connection while reading response header from upstream,