Django and Invalid HTTP_HOST headers with nginx
Django has had a setting for allowed hostnames for a while [1], but starting with the 1.5 release it was required [2] to set it.
I'm not sure why I only started getting Invalid HTTP_HOST header emails after my upgrade to 1.6, but anyway, they started pouring in. It's a litte confusing why anybody would try to access one of my sites with a fake hostname, but fixing this is easy enough.
The example below uses nginx' catch-all server name feature [3].
server {
listen 80 default_server;
server_name _;
rewrite ^/(.*) http://example.com/$1 permanent;
}
0 comments
Reply