I am receiving a lot of Invalid HTTP_HOST header messages from my Django web application-
[Django] ERROR: Invalid HTTP_HOST header: 'www.bing.com'.You may need to add u'www.bing.com' to ALLOWED_HOSTS
It comes from known websites (like bing.com, google.com
) as well as very random websites (www2t.biglobe.ne.jp, proxy.me5b.ru
).
The message in the emails is:
No stack trace available
Request repr() unavailable.
I have read other questions about this on other SO questions, like this and this and a nice blog post like this.
But they all seem to indicate that this problem should have been solved in Django 1.6. However, I am running Django 1.6.2 and am still seeing this error. I am using Apache WSGI and the application is hosted on AWS Elasticbeanstalk.
I can probably suppress these alert messages, but should I be expecting them in the first place?
The problem isn't in django or the django application, Its in the user's side.
Your django application are configured to take requests on example.com only (ALLOWED_HOSTS), and then, if any other domain are pointing the same ip and any user requests that webithe then django will raise that exception.
Obviously bing.con isn't pointing to your IP address (unless you are a microsoft's employee and you are migrating bing to django :-O).
I have some hypotesis:
Don't pay attention at this error (I'm ignoring this on my websites) because django is thinking correctly:
I'm not configured to serve this domain, sorry, I'll not serve any content to you.
Here is a complete logging config that can be cut and pasted into a Django 1.6 settings file if LOGGING isn't already defined. This is a follow up to the snippet that @Devang posted as a comment above.
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'handlers': {
'null': {
'class': 'django.utils.log.NullHandler',
},
},
'loggers': {
'django.security.DisallowedHost': {
'handlers': ['null'],
'propagate': False,
},
}
}
Updated for Django 1.9, per the docs.
LOGGING = {
'version': 1,
'disable_existing_loggers': False,
'handlers': {
'null': {
'class': 'logging.NullHandler',
},
},
'loggers': {
'django.security.DisallowedHost': {
'handlers': ['null'],
'propagate': False,
},
},
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With