On 31/05/2015 1:34 PM, vikraw wrote:
I know there exists a similar post/thread before and I have posted
there also, but I didn't see any solutions to stop getting those
messages. I am getting around 20-30 such emails in a day
<snip>
I am getting the errors for my server's IP address
Invalid HTTP_HOST header: 'x.x.x.x'. You may need to add u'x.x.x.x'
to ALLOWED_HOSTS.
BUT also for so many suspicious names like this
- Invalid HTTP_HOST header: '4331780'.You may need to add u'4331780'
to ALLOWED_HOSTS.
- Invalid HTTP_HOST header: 'testp1.piwo.pila.pl'.You may need to add
u'testp1.piwo.pila.pl' to ALLOWED_HOSTS.
- Invalid HTTP_HOST header: 'www.cloud.ph'.You may need to add
u'www.cloud.ph' to ALLOWED_HOSTS
All of them say the following
No stack trace available
Request repr() unavailable.
These emails are generally rather unhelpful, especially because of the
lack of back trace - which means you don't really know which URL was
used that caused the error (prior to Django 1.6, I would see the
backtrace and it appeared that it was bots attempting to access, e.g.
admin.php which don't exist on a Django server).
If you're happy to just ignore them, you can get nginx to do that for
you so that the requests don't even hit Django/Mezzanine.
I put the following in my nginx configuration file and haven't received
an email like that since:
# deny illegal host headers
if ($host !~* ^mydomain.com$ ) {
return 444;
}
Of course, you'll need to update this based on the domains you do want
to allow.
See e.g. http://stackoverflow.com/a/17477436/653093
Seeya. Danny.
--
You received this message because you are subscribed to the Google Groups "Mezzanine
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to mezzanine-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.