Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Why is Django throwing error "DisallowedHost at /"?

Tags:

python

django

django-settings

I am setting up my own Django server using this Digital Ocean tutorial. I created the Django framework following each step, and ran the server using this command:

./manage.py runserver 0.0.0.0:8000

When I tried to visit the IP at port 8000, the following error was shown:

DisallowedHost at /
Invalid HTTP_HOST header: 'XXX.XXX.XXX.XXX:8000'. You may need to add u'XXX.XXX.XXX.XXX' to ALLOWED_HOSTS.

(IP substituted with X's)

Why is this happening?

like image 687
alukin Avatar asked Nov 18 '16 00:11

alukin

4 Answers

In your settings.py, there is a list called ALLOWED_HOSTS. You need to add the IP address you see in the error to that list:

ALLOWED_HOSTS = ['XX.XX.XX.XX']

Note: only add the IP address, and not the port (e.g., 127.0.0.1 and not 127.0.0.1:8000)

Explanation:

Django checks the Host header of the HTTP request for a url/ip address that is within the allowed hosts.

From the django website:

This is a security measure to prevent HTTP Host header attacks, which are possible even under many seemingly-safe web server configurations.

https://docs.djangoproject.com/en/dev/ref/settings/#allowed-hosts

like image 146
randyr Avatar answered Nov 15 '22 15:11

randyr

For development, you can use the * wildcard to allow all hosts in settings.py:

ALLOWED_HOSTS = ['*']

Important

Modify this configuration when you deploy your app in production environment.

like image 40
kapoc Avatar answered Nov 15 '22 17:11

kapoc

Include both ('www.name.com', 'ip.ip.ip.ip') Set Debug = True, then retry the IP & URL Address.

Go to the Traceback section, find the message [ raise DisallowedHost(msg) ] click -> ▼ Local vars

It will show the incoming domain name and the settings for allowed hosts:

*Variable       Value
*allowed_hosts  ['ip.ip.ip.ip', 'name.com']
*domain          'something.com'
*

Copy the incoming value into your settings.py. If the you see old settings restart the server\nginx

like image 1
chad Avatar answered Nov 15 '22 17:11

chad

Sometimes is not enough to just add it to the host as a frustratedly tried over and over. Sometimes is stuck in cache and you're getting the same error even if you did everything right. In that case what worked for me is change the port, from 8081 and cache problem was over.

I ran it like this:

python3 manage.py runserver 127.0.0.1:8081
like image 1
Allex Radu Avatar answered Nov 15 '22 17:11

Allex Radu
Sign in to Comment

Related questions

How to update values in a specific row in a Python Pandas DataFrame?
Call function without optional arguments if they are None
Non-test methods in a Python TestCase
Plotting pandas timedelta
List of All Tkinter Events
pythonic way to iterate over part of a list
pygame - How to display text with font & color?
What is the difference between SimpleNamespace and empty class definition?
Why doesn't Python have switch-case?
Installing specific BUILD of an anaconda package
How do I create a Python set with only one element?
Convert ndarray from float64 to integer
JavaScript parser in Python [closed]
python argparse choices with a default choice
Regular Expression to match cross platform newline characters
compiling vim with python support
Case insensitive unique model fields in Django?
How do I log from my Python Spark script
Django: dependencies reference nonexistent parent node
Iterate through dictionary values?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!