TRUSTED HOST PATTERNS SETTINGS

TRUSTED HOST SETTINGS
Not enabled
The trusted_host_patterns setting is not configured in settings.php. This can lead to security vulnerabilities. It is highly recommended that you configure this. See Protecting against HTTP HOST Header attacks for more information.
 


Solve: Edit setting.php file and edit as below - this example for localhost & single installation

It look like at line 723 in setting.php

Refer: https://www.drupal.org/node/1992030

*/
$settings['trusted_host_patterns'] = array(
'^localhost$',
);
 /**

* The above setting is for localhost and running single site

* for multi site like below: (if in live server)
$settings['trusted_host_patterns'] = array(
'^example.com$',
'^.+\.example.com$',
);