I've create a Django (1.7) web application with a Nginx, Gunicorn, Django stack and recently I've started to get a number of errors:
[Django] ERROR (EXTERNAL IP): Invalid HTTP_HOST header: '*.domain.com'. The domain name provided is not valid according to RFC 1034/1035.
After searching around, I've found several response that suggest putting the wildcard as the allowed hosts, i.e.
ALLOWED_HOSTS = ['*']
However I'm still getting this error.
Here is the full error message:
Request repr():
<WSGIRequest
path:/,
GET:<QueryDict: {}>,
POST:<QueryDict: {}>,
COOKIES:{},
META:{'HTTP_ACCEPT_ENCODING': 'none',
'HTTP_CONNECTION': 'close',
'HTTP_HOST': '*.domain.com',
'HTTP_USER_AGENT': 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; InfoPath.2)',
'HTTP_X_FORWARDED_FOR': '11.111.111.11',
'HTTP_X_FORWARDED_HOST': 'subdomain.domain.com',
'HTTP_X_REAL_IP': '11.111.111.11',
'PATH_INFO': u'/',
'QUERY_STRING': '',
'RAW_URI': '/',
'REMOTE_ADDR': '127.0.0.1',
'REMOTE_PORT': '51349',
'REQUEST_METHOD': 'GET',
'SCRIPT_NAME': u'',
'SERVER_NAME': '127.0.0.1',
'SERVER_PORT': '9000',
'SERVER_PROTOCOL': 'HTTP/1.0',
'SERVER_SOFTWARE': 'gunicorn/19.1.1',
'gunicorn.socket': <socket._socketobject object at 0x3877fa0>,
'wsgi.errors': <gunicorn.http.wsgi.WSGIErrorsWraper object at 0x37e6050>,
'wsgi.file_wrapper': <class 'gunicorn.http.wsgi.FileWrapper'>,
'wsgi.input': <gunicorn.http.body.Body object at 0x396cc50>,
'wsgi.multiprocess': False,
'wsgi.multithread': False,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 0)}>
Is this something I should be concerned about? Am I missing something here? I thought by putting the wildcard in the allowed hosts, I would eliminate this issue, but that doesn't seem to be the case.
Any help would be much appreciated.
ISSUE: gunicorn
(your Django App server) is getting an invalid host name.
when a request is made to the server (NginX) and the HTTP Host (or user agent) is empty, nginx sets the HTTP host to the gunicorn sock.
Solution: Add/update a directive in your nginx conf (nginx.conf
or sites-enabled/<your-site>.conf
) from:
proxy_set_header Host $http_host;
to (if you don't have it set, just add the following),
proxy_set_header Host $host;
Can put it inside the location
, above the proxy_pass
directive:
server {
listen 8000;
server_name 0.0.0.0;
location / {
proxy_set_header Host $host;
include proxy_params;
proxy_pass http://unix:/<your-path>/yourproject.sock;
}
}
The client that is making a request to your server has sent the following HTTP Host
header:
Host: *.domain.com
This is invalid as per the HTTP specification - *
is not allowed in the header - hence Django responds with a HTTP 400 response and logs the error.
This is not related to what you put in your ALLOWED_HOSTS
setting, where *
is permitted and tells Django to accept requests for any (valid) hostname (it will still reject invalid hostnames like *.domain.com
).
As others have pointed out in the comments however, you should really configure nginx only to accept connections for specific hosts (server_name
) so that such requests don't even reach Django.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With