diff --git a/requirements.txt b/requirements.txt
index 6dd0753..e2ff01c 100644
--- a/requirements.txt
+++ b/requirements.txt
@@ -31,5 +31,6 @@ setuptools==75.3.0
 sqlparse==0.4.1
 toml==0.10.2
 typing_extensions==4.12.2
+tzdata==2024.2
 urllib3==2.2.3
 wrapt==1.12.1
diff --git a/shimatta_kenkyusho/shimatta_kenkyusho/settings_production.py b/shimatta_kenkyusho/shimatta_kenkyusho/settings_production.py
index 2775540..e30907f 100644
--- a/shimatta_kenkyusho/shimatta_kenkyusho/settings_production.py
+++ b/shimatta_kenkyusho/shimatta_kenkyusho/settings_production.py
@@ -56,7 +56,6 @@ if get_env_value('DJANGO_FORCE_DEV_MODE', default=False) == 'True':
 
 ALLOWED_HOSTS = ['127.0.0.1', 'localhost', get_env_value('DJANGO_ALLOWED_HOST')]
 
-
 # Application definition
 
 INSTALLED_APPS = [
@@ -239,4 +238,7 @@ CSRF_COOKIE_SECURE = True
 
 SECURE_SSL_REDIRECT = False
 
+# allow detection of https behind "old" nginx
+SECURE_PROXY_SSL_HEADER = ("HTTP_X_FORWARDED_PROTO", "https")
+
 SECURE_HSTS_SECONDS = get_env_value('DJANGO_SECURE_HSTS_SECONDS', default=120)