Hi all,

I was setting up my DO ubuntu 20 server with Django, then I ran python manage.py runserver 0.0.0.0:8000, just to test if everything was going well. But I noticed that some bad requests were being requested by some very rare domains, and the worst is that they were asking to add them to the ALLOWED_HOST.

These are the bad and rare requests:

Invalid HTTPHOST header: ‘m8.tehran.monster’. You may need to add 'm8.tehran.monster’ to ALLOWEDHOSTS.
Bad Request: /

[09/Jul/2020 16:53:25] “GET / HTTP/1.1” 400 63763
Invalid HTTPHOST header: 'f27.adminn.damnserver.com’. You may need to add 'f27.adminn.damnserver.com’ to ALLOWEDHOSTS.

Then, I changed my settings.DEBUG to False, set a new secret_key and put the server into action again (python manage.py runserver…). This time these were the requests the server received:

[09/Jul/2020 17:23:24] “GET / HTTP/1.1” 400 143
[09/Jul/2020 17:26:12] “GET / HTTP/1.1” 400 143

Could anyone explain to me what was happening?

Thank you very much

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

Hi there,

Are the f27.adminn.damnserver.com and m8.tehran.monster your domain names? If so you need to add them to the ALLOWED_HOST in your Django application so that you don’t get that error.

If those are not your domains, then it should be ok to ignore the messages as Django is already filtering those requests for you anyway. This might be due to some legacy domains still pointing to your Droplet’s IP address.

Regards,
Bobby

Submit an Answer