Django - invalid http_host header you may need to add to allowed_hosts
This error message is a security feature in Django that is designed to prevent HTTP Host header attacks. It occurs when the Host header in an incoming request does not match any of the values in the ALLOWED_HOSTS setting in your Django project's settings.
Invalid http_host header you may need to add to allowed_hosts [Solution]
To resolve this error, you need to add the correct Host value to the ALLOWED_HOSTS setting. Here's how:
- Open the settings.py file in your Django project.
- Find the ALLOWED_HOSTS setting and add your HOST value there. If you are using 127.0.0.1 as a host then you can use - ALLOWED_HOSTS = ['127.0.0.1'].
If you are using localhost as your host then you can change your file as below.
settings.py
ALLOWED_HOSTS = ["localhost", "127.0.0.1"]
Add the correct Host value to the list. For example, if your website's domain is mywebsite.com, you would add it like this:
ALLOWED_HOSTS = ['mywebsite.com']
If your website has multiple subdomains, you may also need to add those to the list. For example:
ALLOWED_HOSTS = ['mywebsite.com', 'www.mywebsite.com', 'subdomain.mywebsite.com']
Save the settings.py file and restart your Django development server. The invalid http_host header error should be resolved.
Note: Be sure to use the correct domain and subdomain names in the ALLOWED_HOSTS setting, as this is a critical security feature. If you're not sure what values to use, check with your web hosting provider or DNS administrator.