xxxxxxxxxx
ALLOWED_HOSTS = [ '127.0.0.1', '10.11.12.13' ]
in this example, localhost and one other host is able to access the Django server.
e.g. this host may be an API generator for a remote front-end web server
do not allow all (*) in ALLOWED_HOST.
never set ALLOWED_HOST = [ "*" ] this is major security flaw.
trusted_hosts ---> host that can access your server and are trusted peers
xxxxxxxxxx
ALLOWED_HOST = ["trusted_hosts"]
xxxxxxxxxx
ALLOWED_HOSTS.-
A list of strings representing the host/domain names that this Django site can serve.
This is a security measure to prevent HTTP Host header attacks,
which are possible even under many seemingly-safe web server configurations.