0
0
Djangoframework~5 mins

ALLOWED_HOSTS configuration in Django - Cheat Sheet & Quick Revision

Choose your learning style9 modes available
LearnWhyDeepVisualTryChallengeProjectRecallPerf
Recall & Review
beginner
What is the purpose of the ALLOWED_HOSTS setting in Django?
It defines a list of host/domain names that the Django site can serve. This helps protect against HTTP Host header attacks by only allowing requests from specified hosts.
Click to reveal answer
beginner
How do you configure ALLOWED_HOSTS to allow your Django app to serve requests from example.com and www.example.com?
Set ALLOWED_HOSTS = ['example.com', 'www.example.com'] in your settings.py file.
Click to reveal answer
intermediate
What happens if ALLOWED_HOSTS is empty in a production Django app?
Django will raise a DisallowedHost error and refuse to serve requests, because no hosts are allowed. This prevents serving requests from unknown or malicious hosts.
Click to reveal answer
intermediate
Why should you avoid setting ALLOWED_HOSTS = ['*'] in production?
Using '*' allows any host, which removes protection against Host header attacks and can expose your app to security risks.
Click to reveal answer
intermediate
How can you allow localhost and all subdomains of example.com in ALLOWED_HOSTS?
Set ALLOWED_HOSTS = ['localhost', '127.0.0.1', '.example.com']. The dot before example.com allows all subdomains like api.example.com.
Click to reveal answer
What type of values does ALLOWED_HOSTS accept?
AList of strings representing host/domain names
BBoolean values
CInteger port numbers
DFile paths
What error does Django raise if a request comes from a host not in ALLOWED_HOSTS?
AKeyError
BValueError
CTypeError
DDisallowedHost
Which setting is the safest for ALLOWED_HOSTS in production?
A['*']
B[]
C['yourdomain.com', 'www.yourdomain.com']
D['localhost']
How do you allow all subdomains of a domain in ALLOWED_HOSTS?
AUse a leading dot before the domain name
BUse an asterisk (*) anywhere
CAdd the domain without any dot
DUse a question mark (?)
If you want to test locally, which host should you add to ALLOWED_HOSTS?
A'localhost'
BBoth A and C
C'127.0.0.1'
D'0.0.0.0'
Explain why the ALLOWED_HOSTS setting is important for Django security and how to configure it properly.
Think about what happens if a request comes from an unknown domain.
You got /5 concepts.
    Describe how to set ALLOWED_HOSTS for a Django app running locally and on a production domain with subdomains.
    Consider both local and live environments.
    You got /4 concepts.