Django and Invalid HTTP_HOST headers with nginx

Django has had a setting for allowed hostnames for a while [1], but
starting with the 1.5 release it was required [2] to set it.

I'm not sure why I only started getting Invalid HTTP_HOST header emails after
my upgrade to 1.6, but anyway, they started pouring in. It's a litte confusing
why anybody would try to access one of my sites with a fake hostname, but
fixing this is easy enough.

The example below uses nginx' catch-all server name feature [3].


server {
    listen 80 default_server;
    server_name _;
    rewrite ^/(.*)$1 permanent;
Published on Feb. 10, 2014 at 9:13 a.m. by Nicolas . You can follow the discussion with the comment feed for this post. Feeling generous? Donate!


Start a new thread

Cancel reply
Markdown. Syntax highlighting with <code lang="php"><?php echo "Hello, world!"; ?></code> etc.