Skip to content

Commit

Permalink
Merge pull request #178 from StuartMacKay/invalid-host-header
Browse files Browse the repository at this point in the history 
Stop invalid host header errors being raised by Django
  • Loading branch information
@YPCrumble
YPCrumble authored Apr 5, 2021
2 parents debc7cf + c36e9d4 commit c0d9373
Showing 1 changed file with 16 additions and 1 deletion.
17 changes: 16 additions & 1 deletion roles/nginx/templates/django_default_project.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -10,6 +10,14 @@ server {
listen 80;
server_name {{ nginx_server_name }};
server_tokens off;

# Terminate the request immediately if a request uses the IP address.
# This stops Invalid HTTP_HOST header exceptions being raised by Django.

if ($host !~* ^({{ nginx_server_name }})$ ) {
return 444;
}

return 301 https://$server_name$request_uri;
}

Expand All @@ -31,6 +39,13 @@ server {
ssl_dhparam /etc/ssl/certs/dhparams.pem;
{% endif %}

# Terminate the request immediately if a request uses the IP address.
# This stops Invalid HTTP_HOST header exceptions being raised by Django.

if ($host !~* ^({{ nginx_server_name }})$ ) {
return 444;
}

# Prevent MIME type sniffing for security
add_header X-Content-Type-Options "nosniff";

Expand Down Expand Up @@ -95,7 +110,7 @@ server {

proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_set_header Host $host;
proxy_redirect off;

# Try to serve static files from nginx, no point in making an
Expand Down

0 comments on commit c0d9373

Please sign in to comment.