Bad Request 400

Suddenly I am getting this error when I try to access my app. This has seemingly happened despite the fact that I have made absolutely no changes to any file... Thanks for any assistance.

A 400 error from a web app usually means that the view that you're accessing doesn't accept the HTTP method that was sent. For example, you may have a view that only accepts POST requests and you're sending it a GET request.

Yes, but it Did work when I initially set it up, and I have made no changes....

If you didn't reload your app when you made some changes a while ago, then you could have been running with code that worked up until we have to reboot a machine or restart your web app. Then the changes that you made, but didn't see in action would take effect.

"Bad Request (400)" errors are fairly common in Django apps (is that what you're using) when DEBUG is off and the ALLOWED_HOSTS setting is incorrect. Have a look at this SO question

Yes I am using Django. So are you saying i should change ALLOWED_HOSTS to '*'? Currently ALLOWED_HOST='/home/mjmacarty/source_directory/'. By the way, all was good until 6/12. Then I started getting 400. Looking at the log I sometimes get 499, with odd occasional 489.

I think ALLOWED_HOST should be something like, or whatever domain name you setup your webapp with.

Just to add to what Conrad said: ALLOWED_HOSTS should be a list of the domain names your site is hosted on. So if you have a web app at pointing to your codebase, it should be [""].

(If you're doing something more complicated, and have multiple web apps on the "Web" tab all pointing to exactly the same codebase, then you need to list all of them there, eg. ["", "", ""])

However: ALLOWED_HOSTS is ignored if you have DEBUG set to True. So if you haven't changed anything at all recently -- not even switched off debug mode -- then perhaps that's not the cause. Do you have an example of a URL that triggers the error? And can we look at your code? (We can see it from out side, but we always ask before doing so.)

Thanks that did it. I misunderstood where the ALLOWED_HOSTS should point.

I made a help page about the django 400 bad request error, hope people find it useful!

Erreur 400 Bad Request

Did you check the help page linked above your post? Also, did you check your web app's error log?

Hello, I am working with an embedded system that manages HTTP requests (GET, POST and PUT), I have uploaded a flask code to test in pythonanywhere (free account) and with the 3 methods It responds "400 Bad Request", applying the command: curl responds to what was specified in @app.route("/") of the test app, the curious thing is that performing an http get from my embedded system to the page (and others) I get the same result as applying the command: curl And when checking the logs ( the accesses of my embedded system do not appear and those made with the curl command do. Any suggestions? Thank you.

That might be an issue with your embedded system. Your website seems to be working fine (at least the GET).

Hello, I know that the web page is working fine (it is extremely basic, just for testing purposes). The problem is that the accesses made by my embedded system are not even recorded in its log ( , but I DO receive the 400 error (probably some layer prior to its log is invalidating the request) since if I access other pages as I mentioned before (eg I receive correct responses without errors So I ask you, does your server need some specific feature to be validated that possibly embedded systems do not comply with you (I have seen several comments on the forum regarding problems with embedded systems)?

Just to exclude the simplest: can you double check if your system is actually hitting your PA web app (is 400 response coming from PythonAnywhere)?

Hello To answer your question without leaving any doubt, I made a memory dump of the data received from the client http connection where you can see the headers and the body, where you can read Server: PythonAnywhere Memory dump:

400 Bad Request Date: Tue, 11 Jun 2024 17:45:30 GMT Content-Type: text/html Content-Length: 163 Connection: close Server: PythonAnywhere <html><head><title>400 Bad Request</title></head><body><center><h1>400 Bad Request</h1></center><hr><ce nter>openresty/</center></body></html>

And to give more information, perform the following tests to clarify doubts:

1 - I verify the IP generated by the client DNS in my embedded application and results (at the time of the test) "" 2 - I verify the response of the Google DNS ( for the Name host "" And it is: "35,173,69,207" Complete answer: { "Status": 0 / NOERROR /, "TC": false, "RD": true, "RA": true, "AD": false, "CD": false, "Question": [ { "name": "", "type": 1 / A / } ], "Answer": [ { "name": "", "type": 1 / A /, "TTL": 300, "data": "" } ], "Comment": "Response from 2600:9000:5307:6000::1." } 3 - I apply the IP "" in an browser and I get the pythonanywhare coming soon page! 4 - I apply in a browser "" and responds with the content detailed in @app.route ("/") of the uploaded code.

Are you hitting directly from your device, not or I misunderstood you? What is an ip address of your device that tries to make that calls? (You may answer to if you do not want to do it on public forums.)

Hello, yes, this is how the embedded system works: it resolves a DNS and sends http requests to that IP returned by the DNS.

Then you need to set the Host header to as is our loadbalancer that needs to know what web app to send your request to.