Question:
I have deployed my Django application at AWS Elastic Bean Stalk server. Now I am getting too many invalid http host error from different IP addresses including localhost and http as following
|
1 2 3 4 5 6 7 8 9 |
SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): 172.31.0.67 SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): 172.31.22.203 SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): check.proxyradar.com SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): testp2.czar.bielawa.pl 'PATH_TRANSLATED': '/opt/python/current/app/coinn/coinn/wsgi.py/testproxy.php', |
In Elastic BeanStalk security Group I have given following access
|
1 2 3 |
Type | Protocol | Port | Source HTTP | TCP | 80 | Anywhere | 0.0.0.0/0 |
Are these error coming from automatic health check performed by Load balancer or some one trying to hack my aws instance system ?
I am saying the former because if I am removing the localhost and 127.0.0.1 from ALLOWED_HOST list in the django setting I started getting the same error from locahost as well as following :
|
1 2 |
SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): localhost |
Please suggest the possible cause and resolution of this issue.
Answer:
Are these error coming from automatic health check performed by Load
balancer or some one trying to hack my aws instance system?
The load balancer is certainly not going to be setting the HTTP_HOST header to values like “check.proxyradar.com” and “testp2.czar.bielawa.pl” so I think we can definitely rule out the ELB health checks.
As to if they are someone trying to hack your system, or something more benign, that is more difficult to answer. You might want to look at this related question, and the answer which states that this is probably someone probing your site for vulnerabilities.