alukin alukin - 17 days ago 19
Python Question

"DisallowedHost at /" django error

I am following this Digital Ocean tutorial for setting up my own Django server. Everything was going fine until I had to run the manage.py from port 8000 (all following the tutorial). When I ran the server everything was fine, but when I tried to visit the IP at that port, this error came up:

DisallowedHost at /
Invalid HTTP_HOST header: 'XXX.XXX.XXX.XXX:8000'. You may need to add u'XXX.XXX.XXX.XXX' to ALLOWED_HOSTS.


(I dont want to show the actual IP, so I replaced them with Xs)

So I want to know what I can do to fix it, but also why this is happening. I dont really know much about nginx or gunicorn, so I thought that following the tutorial would be fine, but guess not.

Thanks for the help!

Answer

In your settings.py, there is a list called ALLOWED_HOSTS. You need to add the IP address you see in the error to that list:

ALLOWED_HOSTS = ['XX.XX.XX.XX']

The port should not be added.

Explanation:

Django checks the Host header of the HTTP request for a url/ip address that is within the allowed hosts.

From the django website:

This is a security measure to prevent HTTP Host header attacks, which are possible even under many seemingly-safe web server configurations.

https://docs.djangoproject.com/en/1.10/ref/settings/#allowed-hosts

Comments