Warning: file_get_contents(/data/phpspider/zhask/data//catemap/2/django/20.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Django nginx无效的HTTP_主机头_Django_Nginx - Fatal编程技术网
Fatal编程技术网
  • django/
  • Django nginx无效的HTTP_主机头

Django nginx无效的HTTP_主机头

django nginx

Django nginx无效的HTTP_主机头,django,nginx,Django,Nginx,我每天都收到来自机器人的电子邮件,这些机器人用错误的http_头攻击我的服务器。我遵循以下步骤: 我认为这会解决问题。现在的问题是,如果您尝试转到https://35.****.*.*/我仍然可以让它触发一封给我自己的无效HTTP_主机电子邮件 我试图通过添加listen443default\u服务器来解决这个问题: server { listen 443 default_server; listen 80 default_server; return 444; }

我每天都收到来自机器人的电子邮件,这些机器人用错误的http_头攻击我的服务器。我遵循以下步骤:

我认为这会解决问题。现在的问题是,如果您尝试转到
https://35.****.*.*/
我仍然可以让它触发一封给我自己的无效HTTP_主机电子邮件

我试图通过添加
listen443default\u服务器来解决这个问题


server {
    listen 443 default_server;
    listen 80 default_server;
    return 444;
}


但现在我的网站的合法流量也被封锁了。
这是我的完整配置。非常感谢您的帮助


server {
    # default server
    listen 80 default_server;
    return 444;
}

server {
    listen 80;
    server_name mysite.com www.mysite.com;

    root /home/ubuntu/web/troopers/;

    location /static/ {
        # if asset versioning is used
        if ($query_string) {
            expires max;
        }
    }

    access_log /home/ubuntu/web/logs/troopersAccess.log;
    error_log  /home/ubuntu/web/logs/troopersError.log;

    location / {
        uwsgi_pass   unix:///home/ubuntu/web/troopersuwsgi.sock;
        include      uwsgi_params;
    }

    # what to serve if upstream is not available or crashes
    error_page 400 /400.html;
    error_page 403 /403.html;
    error_page 404 /404.html;
    error_page 500 502 503 504 /500.html;

    # Compression
    gzip on;
    gzip_http_version 1.0;
    gzip_comp_level 5;
    gzip_proxied any;
    gzip_min_length  1100;
    gzip_buffers 16 8k;
    gzip_types text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    # Some version of IE 6 don't handle compression well on some mime-types,
    # so just disable for them
    gzip_disable "MSIE [1-6].(?!.*SV1)";
    # Set a vary header so downstream proxies don't send cached gzipped
    # content to IE6
    gzip_vary on;

    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/mysite.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/mysite.com/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    if ($scheme != "https") {
        return 301 https://$host$request_uri;
    } # managed by Certbot
}



也许你应该尝试更改Django日志设置,以避免发送针对特定错误的电子邮件?这是我的备份计划。但据我所知,处理这种情况的正确方法是在请求到达django之前关闭请求。也许这可以帮助您复制