I'm getting bots that intentionally try to look for vulnerabilities on my IP and what I have to do is manually block the IPs.

For example, with this as the start of the error sent to my email by Django:

Invalid HTTP_HOST header: '68.183.112.215'. You may need to add '68.183.112.215' to ALLOWED_HOSTS.

Report at /.well-known/security.txt
Invalid HTTP_HOST header: '68.183.112.215'. You may need to add '68.183.112.215' to ALLOWED_HOSTS.

Request Method: GET
Request URL: https://68.183.112.215/.well-known/security.txt

I'd need to know the error type is invalid HTTP_HOST, then with the IP listed in

HTTP_X_REAL_IP = '198.20.70.114'

parse this field to get the IP.

I think this should work:

def handler500(request):
    # Prefer the first address in X-Forwarded-For, else fall back to the socket peer
    x_forwarded_for = request.META.get('HTTP_X_FORWARDED_FOR')
    if x_forwarded_for:
        ip = x_forwarded_for.split(',')[0].strip()
    else:
        ip = request.META.get('REMOTE_ADDR')

    # check if Invalid HTTP_HOST header
    # if so run script to add ip to blocked IPs

    # if possible let the normal 500 error be raised
    ...

    # otherwise raise custom error

If I can figure out the error type then I can try this out. Getting tired of doing this manually.

Sam B.
  • I think I wouldn't care too much about that and rather take care that my web server doesn't pass the requests to the application server. – Yannic Hamann Mar 16 '19 at 05:10
  • You have a point; a simple solution would be to just archive them and ignore them and eventually they'll fade away, but I just can't... I found this that could work: https://stackoverflow.com/questions/238081/how-do-you-log-server-errors-on-django-sites – Sam B. Mar 19 '19 at 06:43

0 Answers
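One way to detect the error type asked about above, as an added example that is not part of the original post: Django reports a rejected Host header through the `django.security.DisallowedHost` logger with the request attached to the log record, so a logging handler on that logger sees exactly the "Invalid HTTP_HOST" events. `TRUSTED_PROXIES`, `client_ip`, `DisallowedHostCollector` and `attach` are hypothetical names, and the sketch assumes the reverse proxy sets `X-Real-IP` and connects from 127.0.0.1; the header is honoured only then, because a client can otherwise forge it and get an arbitrary address blocked.

```python
import ipaddress
import logging
from types import SimpleNamespace

# Assumption: address(es) your reverse proxy connects from; only then is X-Real-IP trusted.
TRUSTED_PROXIES = {"127.0.0.1"}


def client_ip(meta):
    """Return the validated client address from a request.META-style dict, or None."""
    peer = meta.get("REMOTE_ADDR") or ""
    # A forwarding header is attacker-controlled unless our own proxy wrote it.
    raw = meta.get("HTTP_X_REAL_IP", "") if peer in TRUSTED_PROXIES else peer
    try:
        return str(ipaddress.ip_address(raw.strip()))
    except ValueError:
        return None


class DisallowedHostCollector(logging.Handler):
    """Gather source IPs of requests Django rejected for an invalid Host header."""

    def __init__(self, never_block=()):
        super().__init__(level=logging.ERROR)
        self.never_block = set(never_block) | TRUSTED_PROXIES
        self.candidates = set()

    def emit(self, record):
        # Django attaches the request to the record through `extra`.
        meta = getattr(getattr(record, "request", None), "META", None)
        if meta is None:
            return
        ip = client_ip(meta)
        if ip and ip not in self.never_block:
            self.candidates.add(ip)  # hand off to your own block script here


def attach(collector):
    """Hook the collector onto the logger behind the 'Invalid HTTP_HOST' emails."""
    logger = logging.getLogger("django.security.DisallowedHost")
    logger.addHandler(collector)
    return logger


if __name__ == "__main__":
    # Constructed sample mirroring the fields in the question's error email.
    fake = SimpleNamespace(META={"REMOTE_ADDR": "127.0.0.1", "HTTP_X_REAL_IP": "198.20.70.114"})
    collector = DisallowedHostCollector()
    attach(collector).error("Invalid HTTP_HOST header: '68.183.112.215'.", extra={"request": fake})
    print(sorted(collector.candidates))
```

In a Django project the handler would be registered under `LOGGING["loggers"]["django.security.DisallowedHost"]` in settings rather than through `attach`.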