On 31/05/2015 1:34 PM, vikraw wrote:
I know there exists a similar post/thread before and I have posted
there also, but I didn't see any solutions to stop getting those
messages. I am getting around 20-30 such emails in a day
<snip>
I am getting the errors for my server's IP address
Invalid HTTP_HOST header: 'x.x.x.x'. You may need to add u'x.x.x.x'
to ALLOWED_HOSTS.
BUT also for so many suspicious names like this
- Invalid HTTP_HOST header: '4331780'.You may need to add u'4331780'
to ALLOWED_HOSTS.
- Invalid HTTP_HOST header: 'testp1.piwo.pila.pl'.You may need to add
u'testp1.piwo.pila.pl' to ALLOWED_HOSTS.
- Invalid HTTP_HOST header: 'www.cloud.ph'.You may need to add
u'www.cloud.ph' to ALLOWED_HOSTS
All of them say the following
No stack trace available
Request repr() unavailable.
These emails are generally rather unhelpful, especially because of the
lack of back trace - which means you don't really know which URL was
used that caused the error (prior to Django 1.6, I would see the
backtrace and it appeared that it was bots attempting to access, e.g.
admin.php which don't exist on a Django server).
If you're happy to just ignore them, you can get nginx to do that for
you so that the requests don't even hit Django/Mezzanine.
I put the following in my nginx configuration file and haven't received
an email like that since:
# deny illegal host headers
if ($host !~* ^mydomain.com$ ) {
return 444;
}
Of course, you'll need to update this based on the domains you do want
to allow.
See e.g. http://stackoverflow.com/a/17477436/653093
Seeya. Danny.
--
You received this message because you are subscribed to the Google Groups "Mezzanine
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
For more options, visit https://groups.google.com/d/optout.
