
Django in Elastic Beanstalk getting too many Invalid HTTP_HOST header errors

I have deployed my Django application on an AWS Elastic Beanstalk server. Now I am getting too many invalid HTTP host errors from different IP addresses, including localhost and http, as follows:

SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): 172.31.0.67

SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): 172.31.22.203

SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): check.proxyradar.com

SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): testp2.czar.bielawa.pl
'PATH_TRANSLATED': '/opt/python/current/app/coinn/coinn/wsgi.py/testproxy.php',

In the Elastic Beanstalk security group I have given the following access:

Type | Protocol | Port | Source
HTTP | TCP      | 80   | Anywhere (0.0.0.0/0)

Are these errors coming from the automatic health check performed by the load balancer, or is someone trying to hack my AWS instance?

I am saying the former because if I remove localhost and 127.0.0.1 from the ALLOWED_HOSTS list in the Django settings, I start getting the same error from localhost as well, as follows:

SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): localhost

Please suggest the possible cause and resolution of this issue.

r.bhardwaj asked Feb 07 '16 16:02


1 Answer

Are these errors coming from the automatic health check performed by the load balancer, or is someone trying to hack my AWS instance?

The load balancer is certainly not going to be setting the HTTP_HOST header to values like "check.proxyradar.com" and "testp2.czar.bielawa.pl" so I think we can definitely rule out the ELB health checks.

As to if they are someone trying to hack your system, or something more benign, that is more difficult to answer. You might want to look at this related question, and the answer which states that this is probably someone probing your site for vulnerabilities.

Mark B answered Oct 01 '22 07:10