I have a django project running in production with gunicorn. It is connected to sentry.io for comfortable error logging.
There are a lot of spambots causing Invalid HTTP_HOST header, because they try to access it by ip, which is not allowed by django's ALLOWED_HOSTS setting. Those spam bots fill up my sentry plan limits, and after a while other errors are not logged anymore.
What would be a simple and elegant solution to this? I already thought about some, but they all have caveats:
Invalid HTTP_HOST header error in django and not send to sentry: Good idea, but then I do not have invalid http host header error handling at all in sentry.
What are your thoughts on this? Do you have other ideas? What would be the most elegant and least complicated solution?
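You can configure Nginx to block any request that has an Invalid HTTP_HOST header:
    server {
        listen 80;
        server_name example.com;
        # Reject any request whose Host header is not one of our names.
        # Dots are escaped so they match literally, not as "any character".
        if ($http_host !~* ^(example\.com|www\.example\.com)$ ) {
            # 444 is Nginx-specific: close the connection without sending a response
            return 444;
        }
        # rest of your Nginx configuration goes here
    }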
This way, you can still configure your allowed hosts in Django settings, while filtering out requests with invalid host headers at the proxy server.
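For the option raised in the question of not sending the Invalid HTTP_HOST header error to Sentry, a middle ground is to throttle it instead of ignoring it, so a few events still arrive but bots cannot exhaust the plan. The following is an added example, not code from the question or the answer: it assumes these events carry the logger name `django.security.DisallowedHost` and that the hook is passed as `sentry_sdk.init(before_send=...)`; the class name, limits and sample events are hypothetical.

```python
import time

# Django logs rejected Host headers on this logger (assumed to appear as event["logger"]).
DISALLOWED_HOST_LOGGER = "django.security.DisallowedHost"


class DisallowedHostThrottle:
    """before_send hook: forward at most `max_events` DisallowedHost events
    per `window` seconds and drop the rest. All other events pass untouched."""

    def __init__(self, max_events=5, window=3600, clock=time.monotonic):
        self.max_events = max_events
        self.window = window
        self.clock = clock          # injectable so the behaviour can be tested
        self.window_start = None
        self.sent = 0
        self.dropped = 0            # total suppressed since process start

    def __call__(self, event, hint):
        if event.get("logger") != DISALLOWED_HOST_LOGGER:
            return event
        now = self.clock()
        if self.window_start is None or now - self.window_start >= self.window:
            self.window_start, self.sent = now, 0   # start a new window
        if self.sent < self.max_events:
            self.sent += 1
            # Attach the suppressed count so the volume stays visible in Sentry.
            event.setdefault("extra", {})["disallowed_host_dropped"] = self.dropped
            return event
        self.dropped += 1
        return None                 # returning None makes the SDK discard the event


def simulate(throttle, events):
    """Run constructed events through the hook; return the ones that would be sent."""
    return [e for e in (throttle(dict(ev), {}) for ev in events) if e is not None]


if __name__ == "__main__":
    # Constructed sample: four bot hits and one real application error.
    bot = {"logger": DISALLOWED_HOST_LOGGER, "message": "Invalid HTTP_HOST header"}
    app = {"logger": "myapp.views", "message": "ZeroDivisionError"}
    hook = DisallowedHostThrottle(max_events=2, window=3600)
    sent = simulate(hook, [bot, bot, app, bot, bot])
    print(len(sent), "sent,", hook.dropped, "dropped")
```

The counter is per process, so with several gunicorn workers the effective limit is `max_events` times the number of workers.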