Invalid HTTP_HOST header: '.your-domain.com'. The domain name provided is not valid according to RFC 1034/1035 (You may need to add u'domain.com' to ALLOWED_HOSTS.).
I have several Django projects published and my mailbox and log files are constantly inundated with spider errors and hacking attempts to connect to my applications. These error messages have an email subject: "[Django] ERROR (EXTERNAL IP): Invalid HTTP_HOST ...". So after spending a long time with this, I solved this problem with Apache (Require). The correct format for "Require" and "SetEnvIfExpr" is: ^[^_]+ would match a string of 1 or more character containing any character except underscore. <VirtualHost xxx.xxx.xxx.xxx:80 > ... SetEnvIfNoCase Host "^[^_]+\.my-domain\.com" VALID_HOST <Location / > <RequireAll> Require all granted Require env VALID_HOST </RequireAll> </Location> ... </VirtualHost> Or to be more safe we can apply it to wsgi.py file : <VirtualHost xxx.xxx.xxx.xxx:80 > ... SetEnvIfNoCase Host "^[^