What is allowed_hosts?
The allowed_hosts parameter is used to set the whitelist of Django's domain names. When Django receives a request, it will use this parameter to determine whether the request comes from a trusted domain name. If the requested domain name is not in the allowed_hosts list, Django will reject the request to ensure the security of the website.
Configure allowed_hosts
To configure the allowed_hosts parameter, we need to modify it in the settings file of the Django project. Open the project file and find the line ALLOWED_HOSTS.
By default, the ALLOWED_HOSTS parameter in the file is empty, indicating that all requests are allowed. But this is not a secure configuration because it opens a website with a risk of DNS reverse resolution attacks.
Normally, we should set the ALLOWED_HOSTS parameter to a list containing the domain name or IP address that allows access to the website. Here is an example:
ALLOWED_HOSTS = ['', '', '192.168.1.100']
In this example, we allow requests from three domain names (or IP addresses) from , , and 192.168.1.100 to access the website.
If there are no special requirements, we can also use wildcards to represent all subdomains. For example, the following configuration will allow any domain name ending with . to access the website:
ALLOWED_HOSTS = ['.']
Note that the domain name in the ALLOWED_HOSTS parameter does not need to be carried with a protocol (such as http:// or https://) and is case-insensitive.
1. Problem description
Django thrownDisallowedHostThe error indicates that your application attempts to access a hostname, but the hostname is not included in the Django settings.ALLOWED_HOSTSIn the list. Django only allows local host names by default for security reasons (localhostand127.0.0.1)
2. Solution
To solve this problem, you need to transfer the public IP address of your server'47.104.164.9'Add toALLOWED_HOSTSin the list.
3. Operation steps
Here are the steps you need to do:
Edit Django settings file ()。
Add IP toALLOWED_HOSTS:
turn upALLOWED_HOSTSSet up, and then add your public IP address. For example:
ALLOWED_HOSTS = [
'47.104.164.8',
# Other allowed host names...]
Save the settings file。
Restart the Django server:
After saving the changes, you need to restart the Django server for the changes to take effect.
Check network security settings:
Ensure that the server's firewall or network security group allows access to port 8000 from an external network.
Access with the correct URL:
If your server uses the default 8000 port, you can try to access it directly with the IP address without adding a port number after the IP address, for examplehttp://47.104.164.8/。
Consider using a domain name:
For security and convenience, it is recommended to configure a domain name for your server and add the domain name toALLOWED_HOSTS。
Check proxy settings:
If your Django app is behind a reverse proxy like Nginx or Apache, you may need to set it upX-Forwarded-Hostheader and configured in Django to handle it correctly.
debug:
If changedALLOWED_HOSTSAfter the problem persists, check Django's log files for more information
Please note thatDEBUGSet toTrueWill allow Django to display detailed error pages, which is very helpful for development, but it should be set toFalseTo avoid security risks. At the same time, make sure your production server uses professional WSGI servers such as Gunicorn, rather than Django's development servers.
This is the article about Django's ALLOWED_HOSTS configuration method. For more related Django ALLOWED_HOSTS configuration content, please search for my previous articles or continue browsing the related articles below. I hope everyone will support me in the future!