Monday, December 21, 2015

IP forgery

We are building up a project in production, so the avoid-IP-forgery protocol is active.

Until now everything seems OK. The problem is that I'm getting some Django errors because it is blocking some petitions from the server's external IP address. The range of ports is wide; pasting the error below.

What do you think?
Is it safe to set the external IP as an allowed host in this case?

Invalid HTTP_HOST header: '52.31.xxx.xx'. You may need to add u'52.31.xxx.xx' to ALLOWED_HOSTS.

Request repr():
<WSGIRequest
path:/,
GET:<QueryDict: {}>,
POST:<QueryDict: {}>,
COOKIES:{},
META:{'HTTP_CONNECTION': 'close',
 'HTTP_HOST': '52.31.xxx.xx',
 'HTTP_X_FORWARDED_FOR': '184.105.139.70',
 'PATH_INFO': u'/',
 'QUERY_STRING': '',
 'RAW_URI': '/',
 'REMOTE_ADDR': '127.0.0.1',
 'REMOTE_PORT': '54131',
 'REQUEST_METHOD': 'GET',
 'SCRIPT_NAME': u'',
 'SERVER_NAME': '127.0.0.1',
 'SERVER_PORT': '8003',
 'SERVER_PROTOCOL': 'HTTP/1.0',
 'SERVER_SOFTWARE': 'gunicorn/19.3.0',
 'gunicorn.socket': <socket._socketobject object at 0x52f5980>,
 'wsgi.errors': <gunicorn.http.wsgi.WSGIErrorsWrapper object at 0x5170710>,
 'wsgi.file_wrapper': <class 'gunicorn.http.wsgi.FileWrapper'>,
 'wsgi.input': <gunicorn.http.body.Body object at 0x5170590>,
 'wsgi.multiprocess': True,
 'wsgi.multithread': False,
 'wsgi.run_once': False,
 'wsgi.url_scheme': 'http',
 'wsgi.version': (1, 0)}>


Other ports are:

 'REMOTE_PORT': '46332',
 'REMOTE_PORT': '43797',


Any input is welcomed, thanks!


--
monoBOT
Visite mi sitio(Visit my site): monobotsoft.es/blog/
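
Added example (not part of the original post, and not Django's own code): a stand-alone re-implementation of the rule Django uses to match the Host header against ALLOWED_HOSTS, applied to the Host value from the error above. The domain example.com is an assumed stand-in for the site's real domain, and the function names are hypothetical.

```python
# Stand-alone sketch of Host-header matching against ALLOWED_HOSTS.
# Re-implemented here for illustration; function names are hypothetical.

def split_host_port(host):
    """Lower-case the Host value, drop an optional :port and a trailing dot."""
    host = host.lower()
    if host.startswith("["):                 # bracketed IPv6 literal, e.g. [::1]:8000
        end = host.find("]")
        return host[: end + 1] if end != -1 else ""
    if host.count(":") > 1:                  # unbracketed IPv6 is not a valid Host
        return ""
    name = host.rsplit(":", 1)[0]
    return name[:-1] if name.endswith(".") else name


def host_allowed(host_header, allowed_hosts):
    """True if the Host header matches any pattern in allowed_hosts."""
    host = split_host_port(host_header)
    if not host:
        return False
    for pattern in allowed_hosts:
        pattern = pattern.lower()
        if pattern == "*":                   # wildcard: host validation is disabled
            return True
        if pattern.startswith("."):          # ".example.com": the domain and subdomains
            if host == pattern[1:] or host.endswith(pattern):
                return True
        elif host == pattern:                # anything else is an exact match
            return True
    return False


ALLOWED_HOSTS = [".example.com"]             # assumed site domain, not from the post
LOGGED_HOST = "52.31.xxx.xx"                 # Host value from the error (redacted there)


def classify(hosts, allowed=ALLOWED_HOSTS):
    """Map each Host value to the decision the check would make."""
    return {h: host_allowed(h, allowed) for h in hosts}


if __name__ == "__main__":
    # Constructed sample Host values, plus the one from the logged request.
    for host, ok in classify([LOGGED_HOST, "www.example.com:8003",
                              "example.com.", "notexample.com"]).items():
        print(f"{host:24} {'accepted' if ok else 'rejected (Invalid HTTP_HOST header)'}")
```

The logged request is rejected because its Host header carries the bare IP address instead of a name listed in ALLOWED_HOSTS; adding the IP to the list makes the same request pass the check.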
