"400 Bad request" error when I call OJS from a different IP or domain

I just installed OJS3 on Apache2 and tested on ‘localhost’ which worked. Now, when I input any internal valid IP I got 400 Bad request.
From what I read, its seems that OJS _(underscore) files/directories could be the root of this problem.

I created another website on Apache2 with just a html file and a directory named _file and it worked. So I’m confused and looking for help.


I forgot to configure config.inc.php to allow other hosts. Problem solved!

1 Like

This topic was automatically closed after 2 days. New replies are no longer allowed.

Hi Rodrigo, welcome to PKP community.

I’m happy you found the solution so fast, but for others arriving to this post with similar error, let me explain it a little more:

In OJS 3.3.0-9 a new variable called allowed_hosts was introduced in config.inc.php.

This is a general problem with webservers so PKP applied the same solution you can see in drupal, wordpress and other CMSs.

If your server answer to multiple domains, or your reverse proxy change your domain name… you will get a “400 Bad request” error, but as it’s said, this is not a bug, it’s a feature. :wink:

If you like to answer petitions under different names, you need to add all your domains to the allowed_hosts array in your config.inc.php as follows:

allowed_hosts = '["localhost", "", "myjournal.tld", "anotherjournal.tld", "mylibrary.tld"]'

As is a security concern, the change was applied to older versions with active support like stable-3.2.x, stable-3.3.x.

If you like to know more about this, you would like to read:


1 Like