Django site doesn't work with DEBUG=False

StackOverflow https://stackoverflow.com/questions/18559640

  •  27-06-2022
  •  | 
  •  

Pergunta

I am using Django 1.5, and I am aware of the security issue requiring the ALLOWED_HOSTS argument to include the host. The site is hosted on webfaction.

When I set my production site to DEBUG = False, I get 500 errors for every page. The error I get is:

SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): www.mydomain.org

But in settings.py, I have the following:

ALLOWED_HOSTS = ['.mydomain.org']

This is making me crazy. Any ideas?

Edit: This does not seem to be related to header spoofing as in this post. My settings match the allowed host that appears in the error message.

Update with solution: I am embarrassed to say that I had a second ALLOWED_HOSTS = [ ] declaration later in my settings.py file. This was overriding my previous declaration and causing the problem.

Foi útil?

Solução

Maybe you just have to put your domain formatted with a full domain name like :

ALLOWED_HOSTS = ['www.mydomain.org']

This worked for me (no more 500 errors)

make sure you access your prod application via www.mydomain.org

Outras dicas

This Stackoverflow question will help you:

Django's SuspiciousOperation Invalid HTTP_HOST header

There's a ticket opened regarding this matter:

https://code.djangoproject.com/ticket/19866

Licenciado em: CC-BY-SA com atribuição
Não afiliado a StackOverflow
scroll top