After a fresh installation of Drupal, you’ll also need to enable ‘Trusted Host Settings’. In this article, we’ll give you step-by-step instructions on how to enable ‘Trusted Host Settings’. Some steps are little tricky, so please follow them closely.

‘Trusted Host Setting’ Error

From your drupal site, Manage->Report->Status Report, you’ll see one error.

Error in Status Report

Continuing to details, you’ll see the error message saying ‘Trusted Host Setting’ is not enabled. The link provided with the error explains why we need to fix the error but does not give out how to fix it.

Enable ‘Trusted Host Setting’

We need to go to your drupal installed directory first.

cd #drupal-dir
cd web/sites/default

Take a look at the files in this directory.

# ls default.settings.php files settings.php

If settings.php exists, drupal uses it as the setting. default.settings.php is the last resort. This document explains this behavior.

For security purposes, settings.php is set to READ-ONLY by drupal. So you need to give it written permission before editing it.

chmod a+w settings.php

Open settings.php, then search ‘trusted_host_pattern‘. Do not just uncomment it, as it’s very tricky. It’s inside a big /* */ comment block. Instead, copy the following lines outside the current comment block.

$settings['trusted_host_patterns'] = [

Always change yourdomain to your real domain. Otherwise, you’ll see the following error message with your site.

Warning for Not Trusted Host
Warning for Not Trusted Host

For security reasons, turn off the written permission for settings.php.

chmod a-w settings.php

At this point, go back to your site’s status report. You won’t be able to see the error message again.

For further reading, please refer to Trusted Host Setting from the Drupal official document.


Sometimes, we need to be careful not to fall into pitfalls. In the above steps, putting the setting outside commenting block is very tricky and not intuitive. Many people made the same mistake.

If you have any suggestions, please leave a comment below.

Leave a Reply

Your email address will not be published. Required fields are marked *