Re: [mezzanine-users] [Django] ERROR: Invalid HTTP_HOST header: 'domain.com'.You may need to add u'domain.com'
I'm using HTTPS and SNI for virtualhosts. I'm getting these messages when clients that doesn't support SNI tries to connect. I happily ignore them. Mat be your issue is related. -- You received this message because you are subscribed to the Google Groups "Mezzanine Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to mezzanine-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
Re: [mezzanine-users] [Django] ERROR: Invalid HTTP_HOST header: 'domain.com'.You may need to add u'domain.com'
On 31/05/2015 1:34 PM, vikraw wrote:
I know there exists a similar post/thread before and I have posted
there also, but I didn't see any solutions to stop getting those
messages. I am getting around 20-30 such emails in a day
I am getting the errors for my server's IP address
Invalid HTTP_HOST header: 'x.x.x.x'. You may need to add u'x.x.x.x'
to ALLOWED_HOSTS.
BUT also for so many suspicious names like this
- Invalid HTTP_HOST header: '4331780'.You may need to add u'4331780'
to ALLOWED_HOSTS.
- Invalid HTTP_HOST header: 'testp1.piwo.pila.pl'.You may need to add
u'testp1.piwo.pila.pl' to ALLOWED_HOSTS.
- Invalid HTTP_HOST header: 'www.cloud.ph'.You may need to add
u'www.cloud.ph' to ALLOWED_HOSTS
All of them say the following
No stack trace available
Request repr() unavailable.
These emails are generally rather unhelpful, especially because of the
lack of back trace - which means you don't really know which URL was
used that caused the error (prior to Django 1.6, I would see the
backtrace and it appeared that it was bots attempting to access, e.g.
admin.php which don't exist on a Django server).
If you're happy to just ignore them, you can get nginx to do that for
you so that the requests don't even hit Django/Mezzanine.
I put the following in my nginx configuration file and haven't received
an email like that since:
# deny illegal host headers
if ($host !~* ^mydomain.com$ ) {
return 444;
}
Of course, you'll need to update this based on the domains you do want
to allow.
See e.g. http://stackoverflow.com/a/17477436/653093
Seeya. Danny.
--
You received this message because you are subscribed to the Google Groups "Mezzanine
Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to mezzanine-users+unsubscr...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
[mezzanine-users] [Django] ERROR: Invalid HTTP_HOST header: 'domain.com'.You may need to add u'domain.com'
I know there exists a similar post/thread before and I have posted there also, but I didn't see any solutions to stop getting those messages. I am getting around 20-30 such emails in a day My settings look like this ALLOWED_HOSTS = [ '.mydomain.com', # Allow domain and subdomains '.mydomain.com.', # Also allow FQDN and subdomains u'mp-ip-add-ress', ] I am getting the errors for my server's IP address Invalid HTTP_HOST header: 'x.x.x.x'. You may need to add u'x.x.x.x' to ALLOWED_HOSTS. BUT also for so many suspicious names like this - Invalid HTTP_HOST header: '4331780'.You may need to add u'4331780' to ALLOWED_HOSTS. - Invalid HTTP_HOST header: 'testp1.piwo.pila.pl'.You may need to add u'testp1.piwo.pila.pl' to ALLOWED_HOSTS. - Invalid HTTP_HOST header: 'www.cloud.ph'.You may need to add u'www.cloud.ph' to ALLOWED_HOSTS All of them say the following No stack trace available Request repr() unavailable. -- You received this message because you are subscribed to the Google Groups "Mezzanine Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to mezzanine-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
[mezzanine-users] [Django] ERROR: Invalid HTTP_HOST header: 'domain.com'.You may need to add u'domain.com' to..
I've been getting this error message since I've deployed my mezzanine website: [Django] ERROR: Invalid HTTP_HOST header: 'domain.com'.You may need to add u'domain.com' to ALLOWED_HOSTS where domain.com is most of the times the IP of the server, few times a secondary domain which redirects to the main one and one time www.fbi.gov :-) I've read the pages below, so I think that I can just ignore the error (I'm sure that my ALLOWED_HOSTS is restrictive). I guess that I can wait for Django >= 1.7b4 in Mezzanine and then I won't get any error message. Right? http://stackoverflow.com/questions/15238506/djangos-suspiciousoperation-invalid-http-host-header https://code.djangoproject.com/ticket/19866 https://github.com/django/django/commit/d228c1192ed59ab0114d9eba82ac99df611652d2 (added in django 1.7b4) -- You received this message because you are subscribed to the Google Groups "Mezzanine Users" group. To unsubscribe from this group and stop receiving emails from it, send an email to mezzanine-users+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
