Enable secure cookies
Add the following lines to your settings.py file:
SESSION_COOKIE_SECURE = True
CSRF_COOKIE_SECURE = True
Enable HTTPS on the server
Add the following lines to your wsgi/.htaccess file:
RewriteEngine on
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
Enable HTTPS in the WSGI script
Add the following lines to your wsgi/application file:
# make django aware that SSL is turned on
os.environ['HTTPS'] = "on"