Catch invalid hosts before Django's ALLOWED_HOSTS

Posted on Fri 22 April 2016 in Achievements • Tagged with python, django, nginx, securityLeave a comment

I have been haunted all these years by the "Invalid HTTP_HOST header" error email that Django sends to its ADMINS when an user -- or a script, most likely -- tries to access the application with an invalid host header.

Every day I had to mark and delete tons of alert emails ...

Continue reading