My settings.py file contains:
DEBUG = False
ALLOWED_HOSTS = [u'mydomainxxx.com']
Howevever, I'm able to fire a curl request like this: curl -X GET https://mydomainxxx.com/api/ -H 'Authorization: Token some token'
and am getting the response.
I was hoping that using ALLOWED_HOSTS
will prevent commands like curl to get response from my API.
Is this a normal behaviour ?