About Denying All Unintended Domain Requests
When you set up a Django website with Nginx, hackers may try to send requests to the server using its IP address, or via their own domains temporarily pointed at your server's IP address. To avoid Django error reports about the domain not being in ALLOWED_HOSTS and to block these requests completely, add default_server blocks to your Nginx server configuration:
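    # Catch-all for HTTPS: any Host not matched by another server block lands here
    server {
        listen 443 ssl default_server;
        server_name _;
        # 444 is Nginx's non-standard code: close the connection without a response
        return 444;
        # A certificate is still required on an ssl listener
        ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
        ssl_trusted_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
    }

    # Catch-all for plain HTTP
    server {
        listen 80 default_server;
        server_name _;
        return 444;
    }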
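A way to audit a configuration for this setup, as an added example that is not part of the original tip: it reports, for every port Nginx listens on, whether a default_server block drops unmatched hosts with 444. The names `server_blocks`, `listen_port`, `audit` and the sample config are this example's own, and the parser is a simplification that assumes no `include` directives and no braces inside quoted strings.

```python
import re

# Constructed sample: a catch-all exists for 443, but port 80 has none.
SAMPLE_CONF = """
server {
    listen 443 ssl default_server;
    server_name _;
    return 444;
}
server {
    listen 443 ssl;
    listen 80;
    server_name example.com;
    location / { proxy_pass http://127.0.0.1:8000; }
}
"""

def server_blocks(conf):
    """Yield the top-level directives (as token lists) of each server block."""
    conf = re.sub(r"#[^\n]*", "", conf)  # strip comments
    for m in re.finditer(r"\bserver\s*\{", conf):
        depth, body = 1, []
        for ch in conf[m.end():]:
            if ch in "{}":
                depth += 1 if ch == "{" else -1
                body.append(";")  # a block boundary ends the current directive
                if depth == 0:
                    break
            elif depth == 1:  # skip the contents of nested blocks (location, if)
                body.append(ch)
        yield [d.split() for d in "".join(body).split(";") if d.strip()]

def listen_port(arg):
    """Port of a listen argument; an address without a port means 80."""
    tail = arg.rsplit(":", 1)[-1]
    return int(tail) if tail.isdigit() else 80

def audit(conf):
    """Map each listened port to how requests with an unmatched Host are handled."""
    ports, catch_all = set(), {}
    for directives in server_blocks(conf):
        drops = ["return", "444"] in directives
        for d in directives:
            if d[0] == "listen" and len(d) > 1:
                port = listen_port(d[1])
                ports.add(port)
                if "default_server" in d[2:]:
                    catch_all[port] = drops
    return {p: ("dropped" if catch_all[p] else "catch-all does not drop")
            if p in catch_all else "no catch-all" for p in sorted(ports)}
```

A port reported as "no catch-all" falls back to the first server block defined for it, so requests with an unknown Host still reach that site.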