我将 Django 应用程序部署到 Amazon Lightsail VPS,当我通过域名访问它时,它按预期工作
xxxxx.com
,但是,如果我尝试通过 IP 地址访问它,则会出现错误:
Invalid HTTP_HOST header: 'ec2-MY-IP-ADDR-Here.compute-1.amazonaws.com'.
You may need to add 'ec2-MY-IP-ADDR-Here.compute-1.amazonaws.com' to ALLOWED_HOSTS.
DisallowedHost at /
Invalid HTTP_HOST header: 'ec2-MY-IP-ADDR-Here.compute-1.amazonaws.com'.
You may need to add 'ec2-MY-IP-ADDR-Here.compute-1.amazonaws.com' to ALLOWED_HOSTS.
Request Method: GET
Request URL: https://ec2-MY-IP-ADDR-Here.compute-1.amazonaws.com/`
当然,
MY-IP-ADDR-Here
是我实际的IP地址号码。
我徘徊:
ec2-MY-IP-ADDR-Here.compute-1.amazonaws.com/
?ec2-MY-IP-ADDR-Here.compute-1.amazonaws.com
添加到我允许的主机是否安全?MY-IP-ADDR-Here
是个好主意吗?以下是相关配置参数:
/etc/nginx/sites-enabled/mysite
server {
listen 80;
server_name xxxxx.com MY.IP.ADDr.Here;
location / {
include proxy_params;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_redirect off;
proxy_pass http://unix:/run/gunicorn.sock;
}
}
# many lines created hy certbot
#
`# I added the following block to tell nginx to discard any request that doesn't match the xxxxx.com MY.IP.ADDr.Here;
# https://docs.djangoproject.com/en/5.0/howto/deployment/checklist/#allowed-hosts`
server {
listen 80 default_server;
listen [::]:80 default_server;
return 444;
}
我的项目/settings.py
ALLOWED_HOSTS = ["xxxxx.com", "MY-IP-ADDR-Here"]
不建议以这种方式添加到ALLOWED_HOST,因为这样不安全。
如果您确实需要使用 IP 地址访问页面,请将其添加到环境变量中,否则不要这样做。