Host
Request header Routing

Overview

Host carries the domain name (and optional port) of the server the request targets, and it is the only mandatory request header in HTTP/1.1. In virtual hosting, where many domains share one IP address, the server reads this value to decide which site to serve.

Details

HTTP/1.0 had no Host header, so a single IP could serve only one site. HTTP/1.1 made Host mandatory, enabling name-based virtual hosting; today shared hosts, CDNs, and reverse proxies route on it. Because the request line usually carries a relative path (`GET /path`), the server cannot know the target domain without Host.

The value equals the authority part of the URL, without scheme or path. Default ports (80 for HTTP, 443 for HTTPS) are omitted; a non-standard port is appended as `example.com:8080`. In HTTP/1.1, a missing or duplicated Host must be answered with 400 Bad Request.

In HTTP/2 and HTTP/3 the `:authority` pseudo-header takes over the role of Host. When translating between protocols the two must agree; a mismatch can open the door to request smuggling.

Syntax

Host: <host>[:<port>]

e.g. Host: www.example.com

Notes

Related headers

OriginReferer:authority

Related status codes

Specification