Django 1.5 provides a new feature that must be enabled: restrict the domain name to be accessed by setting allowed_hosts. The website can only be accessed through the bound domain name, but will be rejected by IP address or not bound to this site (a 500 error will be generated by default ).
This is a great feature, but it also has a side effect, that is, it will generate a lot of 500 errors, and if the malicious person, by scanning IP address and other methods to harass your server, it will make you dare not disturb, and also slow down the system's response capability to a certain extent. After all, 500 errors consume some computing resources and are expensive Django resources!
The solution is to directly block non-Domain Name access on the front-end server and prevent it from being transparently transmitted to Django. For example. On nginx, you can solve the problem by using the following methods:
server { listen 80 default; location / { # or show another site return 403 "Forbidden"; }}server { listen 80; server_name $your_domain; location / { uwsgi_pass unix:$your_django_sock; include uwsgi_params; }}
Refer:
Http://stackoverflow.com/questions/17149435/avoiding-djangos-500-error-for-not-allowed-host-with-nginx
Resolve the 1.5 error caused by Django 500 non-domain access