AWS Hosting Issue w/ ALLOWED_HOSTS

I am deploying a django application to AWS elastic beanstalk. I’m having troubles getting a Route 53 hosted domain record to route traffic appropriately, and I think it’s a problem on the application side and not AWS. I have a ticket open with AWS, and in their first response their thinking was that it was probably application problem, but they are still investigating. Was hoping someone here could help me on the Django side.

I have a hosted zone, “” in Route 53. Within the hosted zone I have 4 records, 2 are the NS and SOA records that come with each hosted zone by default. And I created 2 additional “A” records, that
are alias’ to my elastic beanstalk environment. These two records are named “” and “”.

In my django application I have added my elastic beanstalk CNAME, “”, and “” to the ALLOWED_HOSTS, as follows:

ALLOWED_HOSTS = [‘’,’,’,’,’,]

Note - i added the https versions of the urls as well…im not sure if this is actually necessary.

When i deploy the application to elastic beanstalk everything is normal. I try to access in a browser and it works. I try to access from a browser and the browser returns “Bad Request (400)”. I’m not sure why the url does not work.

Then, based on the 2 following links I tried updating allowed hosts by removing and adding “” because starting with a period is supposedly a wildcard. Then i redeoployed the application, and now the domain works!!! I’m happy it works, but I’m also concerned that having “” in my allowed hosts could be security issue, and I’d much rather understand why my url was not working when I had “” in my allowed hosts.

Anyone seen anything like this?

If you set up error reporting, Django will send you an error report and you can see exactly what host is being expected. (It’ll be a config issue, but no way to say exactly without access to the errors.)

Thanks. I figured it out and it was a dumb mistake. In the allowed hosts, i had 4 w’s in I guess it’s hard to distinguish visually between 3 and 4 w’s because I looked at that multiple times to confirm there was not a typo.

Should i delete this post? or is it better to leave it?

Personally, i would suggest leaving it as a reminder to not overlook what might be an easy mistake made, but the choice is yours. (There are a number of similar examples here.)

1 Like