Django ERROR (EXTERNAL IP): Invalid HTTP_HOST header: '*.domain.com'
ISSUE: gunicorn
(your Django App server) is getting an invalid host name.
when a request is made to the server (NginX) and the HTTP Host (or user agent) is empty, nginx sets the HTTP host to the gunicorn sock.
Solution: Add/update a directive in your nginx conf (nginx.conf
or sites-enabled/<your-site>.conf
) from:
proxy_set_header Host $http_host;
to (if you don't have it set, just add the following),
proxy_set_header Host $host;
Can put it inside the location
, above the proxy_pass
directive:
server { listen 8000; server_name 0.0.0.0; location / { proxy_set_header Host $host; include proxy_params; proxy_pass http://unix:/<your-path>/yourproject.sock; }}
The client that is making a request to your server has sent the following HTTP Host
header:
Host: *.domain.com
This is invalid as per the HTTP specification - *
is not allowed in the header - hence Django responds with a HTTP 400 response and logs the error.
This is not related to what you put in your ALLOWED_HOSTS
setting, where *
is permitted and tells Django to accept requests for any (valid) hostname (it will still reject invalid hostnames like *.domain.com
).
As others have pointed out in the comments however, you should really configure nginx only to accept connections for specific hosts (server_name
) so that such requests don't even reach Django.