You can add this to the loggers
section of your logging configuration:
'django.security.DisallowedHost': {
'handlers': ['mail_admins'],
'level': 'CRITICAL',
'propagate': False,
},
This sets the logging threshold to above the ERROR
level that Django uses when a SuspiciousOperation
is detected.
Alternatively, you can use e.g. a FileHandler
to log these events without emailing them to you. For example, to use a dedicated file just for these specific events, you could add this to the handlers
section:
'spoof_logfile': {
'level': 'ERROR',
'class': 'logging.FileHandler',
'filename': '/path/to/spoofed_requests.log',
},
and then use this in the loggers
section:
'django.security.DisallowedHost': {
'handlers': ['spoof_logfile'],
'level': 'ERROR',
'propagate': False,
},
Note that the suggestion made in the Django docs, to use
'django.security.DisallowedHost': {
'handlers': ['null'],
'propagate': False,
},
depends on you running Python 2.7 or later - on 2.6, logging
doesn't have a NullHandler
.