0

When I deploy my django project to elasticbeanstalk I get the message in the log: "Invalid HTTP_HOST header: '172.12.2.90'. You may need to add '172.12.2.90'' to ALLOWED_HOSTS." and so on... I have to add 3 ip adresses like the one above in total for the health to be ok and no error/warning messages. Why is this the case? Where are these domains/IP addresses coming from? Is there any more convenient way to fix this so that I don't have to add random IP adresses to the array ALLOWED_HOSTS = ["mydomain.com"] in settings.py?

I created a file and directories in .ebextensions/nginx/conf.d/myconf.conf. This was because according to https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/java-se-nginx.html, it says "To extend Elastic Beanstalk's default nginx configuration, add .conf configuration files to a folder named .ebextensions/nginx/conf.d/".

myconf.conf:

if ( $host !~* ^("mydomain.com"|"www.mydomain.com")$ ) {
return 444;
}

This didn't work it still gives the same message as before.

The way I interpret it is that my django project is on an AWS physical server somewhere and nginx is a middleman between that and my browser. My understanding of Django and AWS is quite basic so I would appreciate it if the answer was as simple as possible.

Thanks in advance!

EDIT1: In a file located at ./.platform/nginx/conf.d/system_config.conf, where . is the project root directory, meaning in the same directory as manage.py:

server {

server_name mydomain.com;

location / {
    proxy_pass mydomain.com;
    proxy_set_header Host $host;
    proxy_set_header X-Real-IP $remote_addr;
}

}

proxy_set_header Host $host;: This directive sets the value of the "Host" header forwarded to the backend server. It ensures that the backend server knows the original hostname the user requested.

proxy_set_header X-Real-IP $remote_addr;: This directive sets the value of the "X-Real-IP" header forwarded to the backend server. It is used to send the actual IP address of the client (user) making the request to the backend server.

Maybe I am mistaken but shouldn't my code above work? It doesn't, it still gives me the same error "You may need to add '172.12.2.90'' to ALLOWED_HOSTS."

Improve this question

1 Answer 1

Reset to default
1

The issue beacuse of HOST HEADER. Because the upstream application is using Load balancing the request may come from any IP of load balancer.

I think the better solution is to add a custom HOST HEADER manually in request while forwarding the request to django. You can do something like this.

in your nginx.conf add the custom host like this.

location / {
   
    proxy_set_header Host            mydomain.com;
    ### Your downstream details ...   
  }

And then just the custom domain "mydomain.com" in ALLOWED_HOSTS

ALLOWED_HOSTS = ["mydomain.com"]
Improve this answer
Sign up to request clarification or add additional context in comments.

3 Comments

What do you mean by upstream application? Do you mean my Django project located on AWS physical server? What does "proxy_set_header Host mydomain.com;" mean. I read up on it nginx.org/en/docs/http/… but I still don't understand. Do you mean that i should write something like server { location / { proxy_set_header Host mydomain.com; } if ( $host !~* ^("mydomain.com"|"www.mydomain.com")$ ) { return 444; }}; . Where should I even put nginx.conf? Should I put it in .ebextensions?
You can read this post for upstream vs downstream application: medium.com/code-factory-berlin/….
The way I interpret things is the aws server being most "upstream" and the client (user's browser) being most "downstream". I interpret your referal "upstream application" as nginx, because that is what is taking care of the load balancing if I am not misstaken. Anyway, my main question was regarding disallowed host error and how to fix it and I don't really understand what I should do

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.