Hi. Usually HTTP_HOST should be generated from your frontend http server (nginx, apache or similar) and it shouldn't change randomly. If it does it's indication that someone actually had bypassed your http server and managed to call django directly.
On Sun, Mar 24, 2019 at 2:48 AM Mike Dewhirst <mi...@dewhirst.com.au> wrote: > I'm getting hundreds of Invalid HTTP_HOST header errors and need to avoid > having them emailed to ADMINS. My ISP has a limit on the number of messages > which can be sent per hour and occasionally that gets exceeded and he > complains the site is jamming his queues. While that is a more or less > jocular response I still need to invest my time looking at these stupid > emails. > > My ALLOWED_HOSTS setting is locked down to only the correct hostname and > no IP addresses. All the errors are attempts to access well known scripts > which don't exist on the server or '/' > > I am reasonably certain the answer to the problem sits somewhere in the > logging configuration but that's not trivial - for me anyway. > > I'm having trouble deciphering > https://docs.djangoproject.com/en/1.11/topics/logging/#examples > > Can anyone please point me to a worked example which addresses this? > > Thanks > > Mike > > > -- > You received this message because you are subscribed to the Google Groups > "Django users" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to django-users+unsubscr...@googlegroups.com. > To post to this group, send email to django-users@googlegroups.com. > Visit this group at https://groups.google.com/group/django-users. > To view this discussion on the web visit > https://groups.google.com/d/msgid/django-users/3a45a72c-714d-c003-e237-417c899c430e%40dewhirst.com.au > <https://groups.google.com/d/msgid/django-users/3a45a72c-714d-c003-e237-417c899c430e%40dewhirst.com.au?utm_medium=email&utm_source=footer> > . > For more options, visit https://groups.google.com/d/optout. > -- Jani Tiainen Software wizard https://blog.jani.tiainen.cc/ Always open for short term jobs or contracts to work with Django. -- You received this message because you are subscribed to the Google Groups "Django users" group. To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscr...@googlegroups.com. To post to this group, send email to django-users@googlegroups.com. Visit this group at https://groups.google.com/group/django-users. To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/CAHn91ofA0wT8SAePhPRhEm5VK6ooVD619X9xpX4tpycqO4K-Fw%40mail.gmail.com. For more options, visit https://groups.google.com/d/optout.
