Saturday, October 24, 2015

Re: Invalid HTTP_HOST, can someone explain why I am getting this?

Did not solve problem.
They pointed me to this fix.

http://stackoverflow.com/questions/15238506/djangos-suspiciousoperation-invalid-http-host-header/19534738#19534738

Just wanted to share.

On Wednesday, October 21, 2015 at 8:08:55 PM UTC-4, frocco wrote:
I spoke with webfaction and they advised I change apache2 config to Listen 127.0.0.1:29627 instead of Listen 29627

On Monday, September 21, 2015 at 7:46:49 PM UTC-4, frocco wrote:
I am using webfaction and django 1.5

Is this something webfaction and resolve?

On Monday, September 21, 2015 at 6:26:40 PM UTC-4, Carl Meyer wrote:
On 09/21/2015 04:22 PM, François Schiettecatte wrote:
> Not likely, all that is happening is that you are getting requests
> where the 'Host:' HTTP header is not set or set to something other
> than what is accepted by your site. Most likely a buggy client. I get
> that all the time, I just ignore it.
>
> Cheers
>
> François
>
>> On Sep 21, 2015, at 6:16 PM, frocco <far...@gmail.com> wrote:
>>
>> I am still getting this invalid host from time to time. Does this
>> mean that someone is trying to hack my site?
>>
>> www.g3suprimentos.com.br is not anything I own.
>>
>> For now, I am just ignoring this.

The best way to solve this for good and never get those errors again is
to fix it in your front-end webserver configuration, so that it ignores
requests for the wrong Host and doesn't even pass them on to Django in
the first place. If you're using nginx that means setting your
`server_name` directive correctly. If you're using Apache that means
using a name-based (non-default) VirtualHost. Any webserver should
provide some way to do this.

Carl

--
You received this message because you are subscribed to the Google Groups "Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to django-users+unsubscribe@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/e90bc6ac-b591-46ed-9d37-f28728001c19%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)