0
I am getting warnings on my Django deployment server. To be precise:
Invalid HTTP_HOST header: 'ip.ws.126.net:443'.
The WHOIS entry for this domain is pretty opaque just as the domain: https://www.whois.com/whois/126.net
My question is: What is the origin of these warnings? I suspect some kind of webcrawling but I don't understand the security aspect behind the warning.
Just asking out of curiousity, maybe someone can explain.
CampFireMan
Posted 2020-01-04T18:07:29.847
Reputation: 1
Hello there! Have you found the reason behind that? I'm facing the same problem right now. – Matheus Sant'ana – 2020-02-12T11:12:13.287
1
Yes, this is a good hint: https://github.com/pydanny/cookiecutter-django/issues/914#issuecomment-263614761 These are apparently scripts checking for vulnerabilities on your server. I get quite consistently 2-3 requests of these a day. More on Host Header attacks: https://www.acunetix.com/blog/articles/automated-detection-of-host-header-attacks/
– CampFireMan – 2020-02-13T23:21:06.107Got it! Thank you for the reply! – Matheus Sant'ana – 2020-02-14T12:56:59.273