django.core.exceptions.DisallowedHost: Invalid HTTP_HOST header: '34.127.112.140:7021'.
im using cloudfalre to proxy for my django app how it possible to someone call my ap with ip ?
i also got this inlogs 7:M 28 Dec 2023 23:02:53.169 # Possible SECURITY ATTACK detected. It looks like somebody is sending POST or Host: commands to Redis. This is likely due to an attacker attempting to use Cross Protocol Scripting to compromise your Redis instance. Connection from 192.168.48.3:59764 aborted.
is it possible someone trying to attack me ? should i be consern ?
9 Replies
Project ID:
N/A
that would be a check from railway, there is absolutely nothing to be concerned about despite the ugly message in your logs
so no one can call my app with ip ? i also see some called my apps with local host !
no you cant call your app with just an ip, you would need to specify a valid host header
i assure you, there is nothing to worry about
Invalid HTTP_HOST header: '34.127.112.140:7021'. You may need to add '34.127.112.140' to ALLOWED_HOSTS.
Invalid HTTP_HOST header: ':::8000'. The domain name provided is not valid according to RFC 1034/1035.
as i know both of these meanes somebody called my app in manner it shouldnt
again, that would be a check from railway
ok ty
and also somebody checked for common admin access url is it also done by railway ?
like /admin /wp-admin ...
no thats normal bot scanner stuff
ok ty