Make an HTTP request to a machine but fake the hostname

Updated . Posted . Visible to the public.

Consider you have a website vhost listening to www.example.com, redirecting all incoming requests that do not talk about the configured hostname (this is often used to redirect users to http://www.example.com when entering only http://example.com/).

If you want to make a request to that site's web server without actually talking to www.example.com (e.g. because this is a load balancer's address but you want to access one specific machine), you cannot just request machine1.example.com or localhost as the above vhost will redirect your request.

When talking HTTP 1.1, your client (browser) uses the HTTP header "Host" to tell the web server what host it's requesting for. This is what we want to change in order to properly "fake" the request. You can do it in different ways, here are two:

Using cURL

Since version 7.21.3 Show archive.org snapshot cURL allows specifying an IP address, thus forging the hostname for the request.

$ curl --resolve www.example.com:80:127.0.0.1 http://www.example.com/

The --resolve switch allows you to tell curl which address to request when it would resolve a given hostname. In the above snippet cURL uses 127.0.0.1 (localhost) instead of resolving www.example.com via DNS.

Telnet (aka classic mode)

You can use telnet to speak HTTP, e.g. if your cURL is below 7.21.3:

$ telnet 127.0.0.1 80
GET / HTTP/1.1
Host: www.example.com
<Return>
<Return>

Here you make an HTTP 1.1 request manually. The Host header tells the server that this request is for www.example.com. Terminate your request headers by 2 linebreaks.

Arne Hartherz
Last edit
Arne Hartherz
Keywords
apache, ServerName
License
Source code in this card is licensed under the MIT License.
Posted by Arne Hartherz to makandra dev (2011-09-15 14:06)