Unusual "Invalid HTTP_HOST header" errors

[reginafcompton]

Since deploying via the zero downtime pattern, the site has raised several mysterious Invalid HTTP_HOST header errors.

Invalid HTTP_HOST header: '/tmp/coordinated-entry-screening-d-68VO4P8QX.sock:'. The domain name provided is not valid according to RFC 1034/1035.

See sentry for full report.

The Sentry breadcrumbs suggest that this error originates with robots, crawling the site, looking for security weaknesses. But one must wonder: how could someone(thing) know about the nginx sock? It seems like this might be coming from "inside the house." Some things to do:

• add a robots.txt file (to be sure!)
• configure a proper 404 and determine where the current one comes from - it came from rapidsms
• investigate places where the app sends http requests/responses, particularly, the various dependencies required for sending text messages and communicating with Twilio