Does ticket 19866 <https://code.djangoproject.com/ticket/19866> apply to
Django 1.4? Reading through the notes, it seems it does but I'm still
getting a 500 error. If not, is there a way to keep Django from returning a
500 error. I've found other people filtering these out. I don't want to
filter them out.
I've got some hackers trying to exploit the wordpress /xmlrpc.php on my
Django site. Most of the time they are coming back 404 but there are times
I'm getting exceptions like:
-------------------------------Traceback (most recent call last):
File
"/usr/local/python2p7/lib/python2.7/site-packages/django/core/handlers/base.py",
line 87, in get_response
response = middleware_method(request)
File
"/usr/local/python2p7/lib/python2.7/site-packages/django/middleware/common.py",
line 55, in process_request
host = request.get_host()
File
"*/usr/local/python2p7/lib/python2.7/site-packages/django/http/*__init__.py",
line 223, in get_host
"Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): %s" % host)
SuspiciousOperation: Invalid HTTP_HOST header (you may need to set
ALLOWED_HOSTS)<WSGIRequest
path:/wp/xmlrpc.php,
...
'HTTP_USER_AGENT': 'LWP::Simple/6.00 libwww-perl/6.04',
...
'REQUEST_URI': '/wp/xmlrpc.php',
-------------------------------
Brian
--
You received this message because you are subscribed to the Google Groups
"Django users" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to django-users+unsubscr...@googlegroups.com.
To post to this group, send email to django-users@googlegroups.com.
Visit this group at http://groups.google.com/group/django-users.
To view this discussion on the web visit
https://groups.google.com/d/msgid/django-users/d1ba4c11-1158-474f-9a4b-91b288d25e93%40googlegroups.com.
For more options, visit https://groups.google.com/d/optout.
