I'm using Django 1.5, Apache, mod_wsgi and python 2.7, debian hosted on linode.
Since I upgraded from django 1.3 to django 1.5, I started receiving some error messages, for example: "ERROR (EXTERNAL IP): Internal Server Error: /feed/". With this traceback:
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/django/core/handlers/base.py", line 92, in get_response
    response = middleware_method(request)
  File "/usr/local/lib/python2.7/dist-packages/django/middleware/common.py", line 57, in process_request
    host = request.get_host()
  File "/usr/local/lib/python2.7/dist-packages/django/http/request.py", line 72, in get_host
    "Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): %s" % host)
SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): tadjenanet.montadamoslim.com
But, a few days ago, the volume of these errors increased greatly, and for a lot of URLs that I don't even have on my website.
I saw the answers here (Django's SuspiciousOperation Invalid HTTP_HOST header) and I understand why I'm getting this, but I need to know how to avoid this, increasing my server security.
Basically, you cannot prevent an attacker from sending you that kind of request. Most of these attacks come from automatic penetration test tools like metasploit or W3AF. Fortunately, those attempts are not something to worry about in Django 1.5 or above. To avoid the log flooding, you can configure your web server to filter HTTP_HOST headers that don't match your website domain. Sorry, I cannot help you do it with Apache; if you are using Nginx, this article can help: http://www.acloudtree.com/how-to-deny-hosts-using-nginx/
Cheers!
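The check that raises the SuspiciousOperation in the traceback above is Django's ALLOWED_HOSTS validation. The following is an added example (not code from the question, the answer, or Django itself) that mirrors those matching rules in plain Python, so you can dry-run a candidate ALLOWED_HOSTS value against Host headers pulled from your access log and see which ones would be rejected before they ever reach the application. The ALLOWED_HOSTS list and every sample Host value except the one copied from the traceback are constructed for the example.

```python
import re

# Character set Django accepts in a Host header: a hostname or IPv4 address,
# or a bracketed IPv6 literal, each with an optional :port suffix.
HOST_VALIDATION_RE = re.compile(r"^([a-z0-9.-]+|\[[a-f0-9]*:[a-f0-9:]+\])(:\d+)?$")


def split_domain_port(host):
    """Return (domain, port) for a Host header, or ('', '') if it is malformed."""
    host = host.lower().strip()
    if not HOST_VALIDATION_RE.match(host):
        return "", ""
    if host.endswith("]"):
        return host, ""  # bare IPv6 literal, no port
    domain, sep, port = host.rpartition(":")
    if sep:
        return domain, port
    return host, ""


def host_matches_pattern(domain, pattern):
    """ALLOWED_HOSTS semantics: '*' matches anything, a leading dot matches the
    domain itself and any subdomain, anything else must match exactly."""
    pattern = pattern.lower()
    if pattern == "*":
        return True
    if pattern.startswith("."):
        return domain == pattern[1:] or domain.endswith(pattern)
    return domain == pattern


def is_allowed_host(host_header, allowed_hosts):
    """True if the Host header would pass Django's ALLOWED_HOSTS check."""
    domain, _port = split_domain_port(host_header)
    if not domain:
        return False
    # A trailing dot (fully-qualified form) is ignored before comparing.
    domain = domain[:-1] if domain.endswith(".") else domain
    return any(host_matches_pattern(domain, p) for p in allowed_hosts)


def triage(host_headers, allowed_hosts):
    """Split a batch of Host values (e.g. from an access log) into
    (accepted, rejected) lists; the rejected ones are the log noise."""
    accepted, rejected = [], []
    for h in host_headers:
        (accepted if is_allowed_host(h, allowed_hosts) else rejected).append(h)
    return accepted, rejected


# Constructed setting: the site and its subdomains, plus a TEST-NET address.
ALLOWED_HOSTS = [".example.com", "203.0.113.10"]

# Constructed Host values, except the last one, which is the host in the traceback.
SAMPLE_HOSTS = [
    "www.example.com",
    "example.com:443",
    "WWW.EXAMPLE.COM.",
    "203.0.113.10",
    "[::1]",
    "example.com.attacker.test",
    "",
    "tadjenanet.montadamoslim.com",
]

if __name__ == "__main__":
    ok, bad = triage(SAMPLE_HOSTS, ALLOWED_HOSTS)
    print("accepted: %r" % ok)
    print("rejected: %r" % bad)
```

Note that "example.com.attacker.test" is rejected even though it contains your domain: the leading-dot pattern only matches a suffix ending in ".example.com", so a wildcard entry does not let a forged Host sneak through on the left. Because the match is exact, an entry like "example.com" without the leading dot will also reject "www.example.com", which is a common reason for seeing this error on legitimate traffic after the 1.5 upgrade. Dropping the unmatched requests in the web server first (a catch-all virtual host that answers before your real site) keeps the same rejects out of Django's error log.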