Error since added SSL certificate

[James Hargreaves]

Merry Christmas everyone!

I eel recently added an SSL certificate to my domain where the application is hosted with Django.

Since I setup the SSL certificate I've been receiving a lot of errors like this:

SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): AAA.BBB.CCC.DDD

Where AAA.BBB.CCC.DDD is the IP address of my server - ie- I'm getting a lot of requests direct to the IP of the server.

Can anyone suggest why these requests have been coming in? I can't see anything in the request suggesting where these requests are coming from.

[François Schiettecatte]

Most likely a bot testing for vulnerabilities or badly coded crawlers.

I get them and I ignore them. Django requires a proper ‘Host’ HTTP header and it is doing its job rejecting the request if it is not there.

François

> --
> You received this message because you are subscribed to the Google Groups "Django users" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to django-users...@googlegroups.com.
> To post to this group, send email to django...@googlegroups.com.
> Visit this group at https://groups.google.com/group/django-users.
> To view this discussion on the web visit https://groups.google.com/d/msgid/django-users/6bc9859f-d452-4175-9a94-a17c7c837232%40googlegroups.com.
> For more options, visit https://groups.google.com/d/optout.

[Antonis Christofides]

Although, as François explained, Django's behavior is normal, such requests
should normally be stopped by the web server and not by Django. Maybe you
haven't correctly specified server_name (in nginx) or ServerName/ServerAlias (in
Apache), or maybe you somehow made the configuration the default for the server.
What is your web server? Could you show us the related configuration?

Regards,

Antonis

Antonis Christofides
http://djangodeployment.com