0
I am getting warnings on my Django deployment server. To be precise:
Invalid HTTP_HOST header: 'ip.ws.126.net:443'.
The WHOIS entry for this domain is pretty opaque just as the domain: https://www.whois.com/whois/126.net
My question is: What is the origin of these warnings? I suspect some kind of webcrawling but I don't understand the security aspect behind the warning.
Just asking out of curiousity, maybe someone can explain.
Hello there! Have you found the reason behind that? I'm facing the same problem right now. – Matheus Sant'ana – 2020-02-12T11:12:13.287
1
Yes, this is a good hint: https://github.com/pydanny/cookiecutter-django/issues/914#issuecomment-263614761 These are apparently scripts checking for vulnerabilities on your server. I get quite consistently 2-3 requests of these a day. More on Host Header attacks: https://www.acunetix.com/blog/articles/automated-detection-of-host-header-attacks/
– CampFireMan – 2020-02-13T23:21:06.107Got it! Thank you for the reply! – Matheus Sant'ana – 2020-02-14T12:56:59.273