CODEWITHSUNDEEP
pythondjango
w--
w--

Reputation: 6697

django allowed_hosts error for www domain and ip address

django 1.6

I've got my webserver to redirect www requests to the non-www equivalent. i.e. www.domain.com goes to domain.com

i've got django setup to email me any errors

i'm getting a bunch of errors that look like:

[Django] ERROR: Invalid HTTP_HOST header: 'www.domain.com'.You may need to add u'www.domain.com' to ALLOWED_HOSTS

or

[Django] ERROR: Invalid HTTP_HOST header: '< ip address >'.You may need to add u'< ip address >' to ALLOWED_HOSTS

but the content of the emails is simply:

No stack trace available

Request repr() unavailable.

I know the redirect is working because if i attempt to visit www.domain.com i get redirected to domain.com

I'd like to better inspect the request object to understand how the requests are getting to django. the only requests that should be getting forwarded to django should be the ones going to domain.com.
Does anyone know how i might go about this?

or even better if someone knows what is going on here that would be great.

As requested here is the nginx conf:

server {
    listen <ip address>:80;
    server_name "";
    return 444;
}


server{
    listen <ip address>:80;

    server_name www.domain.com;
    return 301 $scheme://domain.com$request_uri;
}

#HTTPS server
server{
    listen <ip address>:80;
    listen <ip address>:443 ssl;
    server_name domain.com;

    location / {
        uwsgi_pass  unix:<path to socket file>;
        include /etc/nginx/uwsgi_params;    
    }

    if ($ssl_protocol = ""){
        return 301 https://$host$request_uri;
    }

}

Upvotes: 2

Views: 4627

Answers (1)

Jamie Cockburn
Jamie Cockburn

Reputation: 7555

The ALLOWED_HOSTS setting in django inspects the Host header in your HTTP request, which is generated by the browser when it sends the request.

In your Nginx config you are (presumably) using a URL rewrite not an HTTP redirect.

If that is the case, then the redirect is essentially internal to the server. The original Hosts header in the request sent by your browser will still have its original value.

The correct config for Nginx would be something like:

server {
    listen       80;
    server_name  www.domain.com;
    return       301 http://domain.com$request_uri;
}

server {
    listen       80;
    server_name  domain.com;
    ...django server config...
}

This will cause an HTTP 301 redirect to be returned to your browser, and the browser will send a new request with the correct Host header.

Upvotes: 1

Related Questions