What is Allowed_hosts Django?
Share
Lost your password? Please enter your email address. You will receive a link and will create a new password via email.
Please briefly explain why you feel this question should be reported.
Please briefly explain why you feel this answer should be reported.
Please briefly explain why you feel this user should be reported.
ALLOWED_HOSTS. Default: [] (Empty list) A list of strings representing the host/domain names that this Django site can serve. This is a security measure to prevent HTTP Host header attacks, which are possible even under many seemingly-safe web server configurations.
When you set DEBUG = False, Django checks that the HTTP Host header matches one of the entries in your ALLOWED_HOSTS setting. This is a security measure meant to protect against HTTP Host header attacks. This setting needs to be set to allow the host name where you are making your application available. If you’re dynamically creating environments, you may want to allow hosts to be specified as environment variables so that they can be injected into the application as it launches.