0

我今天收到以下关于 Django 1.5 错误的电子邮件。我相信我已经正确设置了 ALLOWED_HOSTS。有人试图探查我的网站是否存在漏洞...?还是我错过了什么?我询问探测的原因是因为使用了 scanproxy.net 主机。

Traceback (most recent call last):

File "/usr/local/lib/python2.7/dist-packages/django/core/handlers/base.py", line 92, in get_response
response = middleware_method(request)

File "/usr/local/lib/python2.7/dist-packages/django/middleware/common.py", line 57, in process_request
host = request.get_host()

File "/usr/local/lib/python2.7/dist-packages/django/http/request.py", line 72, in get_host
"Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): %s" % host)

SuspiciousOperation: Invalid HTTP_HOST header (you may need to set ALLOWED_HOSTS): www.scanproxy.net


<WSGIRequest
path:/p-80.html,
GET:<QueryDict: {}>,
POST:<QueryDict: {}>,
COOKIES:{},
META:{'CONTENT_TYPE': 'text/html',
'DOCUMENT_ROOT': '/var/django/projects/Portfolio',
'GATEWAY_INTERFACE': 'CGI/1.1',
'HTTP_ACCEPT': 'image/gif, image/x-xbitmap, image/jpeg, image/pjpeg, application/vnd.ms-powerpoint, application/vnd.ms-excel, application/msword, application/x-shockwave-flash, */*',
'HTTP_ACCEPT_LANGUAGE': 'en-us',
'HTTP_HOST': 'www.scanproxy.net',
'HTTP_PROXY_CONNECTION': 'keep-alive',
'HTTP_USER_AGENT': 'Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; KuKu 0.65)',
'PATH_INFO': u'/p-80.html',
'PATH_TRANSLATED': '/var/django/projects/Portfolio/apache/django.wsgi/p-80.html',
'QUERY_STRING': '',
'REMOTE_ADDR': '66.197.134.126',
'REMOTE_PORT': '1865',
'REQUEST_METHOD': 'GET',
'REQUEST_URI': 'http://www.scanproxy.net:80/p-80.html',
'SCRIPT_FILENAME': '/var/django/projects/Portfolio/apache/django.wsgi',
'SCRIPT_NAME': u'',
'SCRIPT_URI': 'http://www.scanproxy.net/p-80.html',
'SCRIPT_URL': '/p-80.html',
'SERVER_ADDR': '10.202.250.95',
'SERVER_ADMIN': 'iamadamcooke@gmail.com',
'SERVER_NAME': 'www.scanproxy.net',
'SERVER_PORT': '80',
'SERVER_PROTOCOL': 'HTTP/1.0',
'SERVER_SIGNATURE': '<address>Apache/2.2.22 (Ubuntu) Server at www.scanproxy.net Port 80</address>\n',
'SERVER_SOFTWARE': 'Apache/2.2.22 (Ubuntu)',
'mod_wsgi.application_group': 'iamadamcooke.com|',
'mod_wsgi.callable_object': 'application',
'mod_wsgi.handler_script': '',
'mod_wsgi.input_chunked': '0',
'mod_wsgi.listener_host': '',
'mod_wsgi.listener_port': '80',
'mod_wsgi.process_group': '',
'mod_wsgi.request_handler': 'wsgi-script',
'mod_wsgi.script_reloading': '1',
'mod_wsgi.version': (3, 3),
'wsgi.errors': <mod_wsgi.Log object at 0x7f365219e9f0>,
'wsgi.file_wrapper': <built-in method file_wrapper of mod_wsgi.Adapter object at 0x7f365209d4e0>,
'wsgi.input': <mod_wsgi.Input object at 0x7f36520271f0>,
'wsgi.multiprocess': True,
'wsgi.multithread': False,
'wsgi.run_once': False,
'wsgi.url_scheme': 'http',
'wsgi.version': (1, 1)}>
4

1 回答 1

5

很可能会引发警报,因为该请求中的HTTP_HOST标头与ALLOWED_HOSTS中的 Django 配置中定义的主机名不匹配。

假设您的网站是 www.mysite.com。通常,DNS 配置为将所有请求指向您的站点侦听的 IP 地址。

但是,没有什么可以阻止我向该 IP 地址发出请求并在 HTTP 标头中声明该请求的目的地是 www.anothersite.com。

在大多数情况下,这种行为并没有什么特别有害的,但 Django 开发人员认为它的可疑程度足以保证 500 响应和警告。

在您的具体情况下,您收到来自 66.197.134.126 的请求到您的网络服务器,要求www.scanproxy.net。你的网络服务器接受了这个请求并将它转发给 Django,它立即说,嘿,我不是 www.scanproxy.net!

话虽如此,这有什么值得担心的吗?这真的取决于你。如果您了解正在发生的事情,您可以自己做出决定。

于 2013-07-21T16:32:35.173 回答