Merge pull request #319 from bogdal/allowed-hosts

Allowed hosts

{{cookiecutter.repo_name}}/README.rst

@@ -30,6 +30,7 @@ DJANGO_SESSION_COOKIE_SECURE            SESSION_COOKIE_SECURE       n/a
 DJANGO_DEFAULT_FROM_EMAIL               DEFAULT_FROM_EMAIL          n/a                                            "{{cookiecutter.project_name}} <noreply@{{cookiecutter.domain_name}}>"
 DJANGO_SERVER_EMAIL                     SERVER_EMAIL                n/a                                            "{{cookiecutter.project_name}} <noreply@{{cookiecutter.domain_name}}>"
 DJANGO_EMAIL_SUBJECT_PREFIX             EMAIL_SUBJECT_PREFIX        n/a                                            "[{{cookiecutter.project_name}}] "
+DJANGO_ALLOWED_HOSTS                    ALLOWED_HOSTS               ['*']                                          ['{{cookiecutter.domain_name}}']
 ======================================= =========================== ============================================== ======================================================================
 
 The following table lists settings and their defaults for third-party applications:
@@ -220,6 +221,7 @@ Run these commands to deploy the project to Heroku:
 
     heroku config:set DJANGO_SECRET_KEY=`openssl rand -base64 32`
     heroku config:set DJANGO_SETTINGS_MODULE='config.settings.production'
+    heroku config:set DJANGO_ALLOWED_HOSTS='.herokuapp.com'
 
     heroku config:set DJANGO_AWS_ACCESS_KEY_ID=YOUR_AWS_ID_HERE
     heroku config:set DJANGO_AWS_SECRET_ACCESS_KEY=YOUR_AWS_SECRET_ACCESS_KEY_HERE

{{cookiecutter.repo_name}}/config/settings/common.py

@@ -238,12 +238,23 @@ LOGGING = {
             '()': 'django.utils.log.RequireDebugFalse'
         }
     },
+    'formatters': {
+        'verbose': {
+            'format': '%(levelname)s %(asctime)s %(module)s '
+                      '%(process)d %(thread)d %(message)s'
+        },
+    },
     'handlers': {
         'mail_admins': {
             'level': 'ERROR',
             'filters': ['require_debug_false'],
             'class': 'django.utils.log.AdminEmailHandler'
-        }
+        },
+        'console': {
+            'level': 'DEBUG',
+            'class': 'logging.StreamHandler',
+            'formatter': 'verbose',
+        },
     },
     'loggers': {
         'django.request': {
@@ -251,6 +262,13 @@ LOGGING = {
             'level': 'ERROR',
             'propagate': True,
         },
+        'loggers': {
+            'django.security.DisallowedHost': {
+                'level': 'ERROR',
+                'handlers': ['console', 'mail_admins'],
+                'propagate': True,
+            },
+        },
     }
 }
 {% if cookiecutter.use_celery == "y" %}

{{cookiecutter.repo_name}}/config/settings/production.py

@@ -69,7 +69,7 @@ SECURE_SSL_REDIRECT = env.bool("DJANGO_SECURE_SSL_REDIRECT", default=True)
 # ------------------------------------------------------------------------------
 # Hosts/domain names that are valid for this site
 # See https://docs.djangoproject.com/en/1.6/ref/settings/#allowed-hosts
-ALLOWED_HOSTS = ["*"]
+ALLOWED_HOSTS = env.list('DJANGO_ALLOWED_HOSTS', default=['{{cookiecutter.domain_name}}'])
 # END SITE CONFIGURATION
 
 INSTALLED_APPS += ("gunicorn", )
@@ -204,6 +204,11 @@ LOGGING = {
             'handlers': ['console'],
             'propagate': False,
         },
+        'django.security.DisallowedHost': {
+            'level': 'ERROR',
+            'handlers': ['console', 'sentry'],
+            'propagate': False,
+        },
     },
 }
 SENTRY_CELERY_LOGLEVEL = env.int('DJANGO_SENTRY_LOG_LEVEL', logging.INFO)

{{cookiecutter.repo_name}}/env.example

@@ -3,6 +3,7 @@ POSTGRES_USER=postgresuser
 
 DJANGO_SETTINGS_MODULE=config.settings.production
 DJANGO_SECRET_KEY=
+DJANGO_ALLOWED_HOSTS=
 DJANGO_AWS_ACCESS_KEY_ID=
 DJANGO_AWS_SECRET_ACCESS_KEY=
 DJANGO_AWS_STORAGE_BUCKET_NAME=