{"id":814,"date":"2017-03-18T17:54:19","date_gmt":"2017-03-18T12:24:19","guid":{"rendered":"https:\/\/www.wikitechy.com\/technology\/?p=814"},"modified":"2017-03-29T14:48:48","modified_gmt":"2017-03-29T09:18:48","slug":"http_host-vs-server_name","status":"publish","type":"post","link":"https:\/\/www.wikitechy.com\/technology\/http_host-vs-server_name\/","title":{"rendered":"PHP-HTTP_HOST vs. SERVER_NAME"},"content":{"rendered":"

SERVER_NAME:<\/strong><\/span><\/h4>\n
    \n
  • The name of the server host under which the current script is executing.<\/li>\n
  • If the script is running on a virtual host, this will be the value defined for that virtual host.<\/li>\n
  • SERVER_NAME comes from the server’s VirtualHost definition and is therefore considered more reliable.<\/li>\n
  • It can, however, also be manipulated from outside under certain conditions related to how your web server is set up.<\/li>\n<\/ul>\n

    HTTP_HOST:<\/strong><\/span><\/h4>\n
      \n
    • Contents of the Host: header from the current request, if there is one.<\/li>\n
    • HTTP_HOST is the target host sent by the client. It can be manipulated freely by the user.<\/li>\n
    • It’s no problem to send a request to your site asking for a HTTP_HOST<\/li>\n
    • HTTP_HOST vs SERVER_NAME:<\/li>\n
    • Imagine your web server has a default host set up as follows:<\/li>\n
    • UseCanonicalName Off
      \nServerName example.org<\/li>\n
    • The ServerName directive might seem like the only thing that affects $_SERVER[‘SERVER_NAME’], but is this a safe assumption?<\/li>\n
    • To determine what affect the Host header has, if any, create an index.php in the document root of the default host with the following code<\/li>\n<\/ul>\n
      Php Code<\/span> <\/div> 
      <?php  echo "HTTP_HOST [{$_SERVER['HTTP_HOST']}]\\n"; echo "SERVER_NAME [{$_SERVER['SERVER_NAME']}]";  ?><\/code><\/pre> <\/div>\n
      You can test several different values for Host easily enough with telnet:<\/p>\n
       
       Php Code<\/span> <\/div> 
      telnet example.org 80<\/code><\/pre> <\/div>\n[ad type=”banner”]\n
      Here are a few tests and corresponding results. For each test, we show the exact request and the content of the response.<\/p>\n
      1. No Host, HTTP\/1.0<\/strong><\/p>\n
      Request:<\/strong><\/span><\/h4>\n
       
       Php Code<\/span> <\/div> 
      GET \/ HTTP\/1.0<\/code><\/pre> <\/div>\n
      Result:<\/strong><\/span><\/h4>\n
       
       Php Code<\/span> <\/div> 
      HTTP_HOST []SERVER_NAME [example.org]<\/code><\/pre> <\/div>\n
      Empty Host, HTTP\/1.0<\/strong><\/p>\n
      Request:<\/strong><\/span><\/h4>\n
       
       Php Code<\/span> <\/div> 
      GET \/ HTTP\/1.0Host:<\/code><\/pre> <\/div>\n
      Result:<\/strong><\/span><\/h4>\n
       
       Php Code<\/span> <\/div> 
      HTTP_HOST []SERVER_NAME []<\/code><\/pre> <\/div>\n
      With an empty Host, SERVER_NAME is empty.<\/p>\n
      Empty Host, HTTP\/1.1<\/strong><\/p>\n
      Request:<\/strong><\/span><\/h4>\n
       
       Php Code<\/span> <\/div> 
       GET \/ HTTP\/1.1 Host:<\/code><\/pre> <\/div>\n
      Result:<\/strong><\/span><\/h4>\n
       
       Php Code<\/span> <\/div> 
      HTTP_HOST []SERVER_NAME []<\/code><\/pre> <\/div>\n
      Request:<\/strong><\/span><\/h4>\n
       
       Php code<\/span> <\/div> 
      GET \/ HTTP\/1.1Host: <script>alert('XSS')<\/script><\/code><\/pre> <\/div>\n
      Result:<\/strong><\/span><\/h4>\n
       
       Php Code<\/span> <\/div> 
      HTTP_HOST [<script>alert('XSS')<\/script>]SERVER_NAME [<script>alert('XSS')<\/script>]<\/code><\/pre> <\/div>\n[ad type=”banner”]\n
      With a non-empty Host, SERVER_NAME is the HTML-escaped host value.<\/p>\n
      SQL Injection Host, HTTP\/1.1<\/p>\n
      Request:<\/strong><\/span><\/h4>\n
       
       Php Code<\/span> <\/div> 
      GET \/ HTTP\/1.1Host: chris' --<\/code><\/pre> <\/div>\n
      Result:<\/strong><\/span><\/h4>\n
       
       Php Code<\/span> <\/div> 
      HTTP_HOST [chris' --] SERVER_NAME [chris' --]<\/code><\/pre> <\/div>\n
        \n
      • As you can see by the results Under certain circumstances, the Host header can affect $_SERVER[‘SERVER_NAME’].<\/li>\n
      • The ServerName directive is used when the Host header is absent, and apparently $_SERVER[‘SERVER_NAME’] is escaped with something like htmlentities().<\/li>\n
      • Sometimes, it’s hard to tell whether a particular element in $_SERVER can be affected by the HTTP request (ask Sean about PHP_SELF)<\/li>\n
      • so I find it easier to treat everything from $_SERVER just as if it were something like $_GET or $_POST.<\/li>\n
      • SERVER_NAME instead of HTTP_HOST<\/li>\n
      • We found a problem with our configuration (nginx and php-fpm).<\/li>\n
      • When you define domain in your plugin you are using SERVER_NAME as its value.<\/li>\n
      • SERVER_NAME with this configuration is not the same as HTTP_HOST, so the plugin is not working.<\/li>\n
      • We have changed it to get the SERVER_NAME from HTTP_HOST that it\u2019s what the user is really loading in its browser.<\/li>\n
      • With this line in wp-config.php it\u2019s working well<\/li>\n<\/ul>\n
         
         Php Code<\/span> <\/div> 
        $_SERVER['SERVER_NAME'] = $_SERVER['HTTP_HOST'];<\/code><\/pre> <\/div>\n
        Get host name or server name in PHP:<\/strong><\/span><\/h4>\n
          \n
        • $_SERVER[‘HTTP_HOST’] give you host infomration obtained from the HTTP request header and this is what the client actually used as \u201ctarget host\u201d of the request.<\/li>\n
        • $_SERVER[‘SERVER_NAME’] normally returns the same result as $_SERVER[‘HTTP_HOST’], but is defined in server config.<\/li>\n
        • However, if you server is running behind the proxy, then should use $_SERVER[‘HTTP_X_FORWARDED_HOST’] and<\/li>\n<\/ul>\n
           
           Php Code<\/span> <\/div> 
          $_SERVER['HTTP_X_FORWARDED_SERVER']\u00a0in place of\u00a0$_SERVER['HTTP_HOST']\u00a0and\u00a0$_SERVER['SERVER_NAME']. <\/code><\/pre> <\/div>\n
           
           Php Code<\/span> <\/div> 
          $host_name = isset($_SERVER['HTTP_X_FORWARDED_HOST']) ?                $_SERVER['HTTP_X_FORWARDED_HOST'] : $_SERVER("HTTP_HOST");  $server_name = isset($_SERVER['HTTP_X_FORWARDED_SERVER']) ?                 $_SERVER['HTTP_X_FORWARDED_SERVER'] : $_SERVER("SERVER_NAME"); <\/code><\/pre> <\/div>\n[ad type=”banner”]\n","protected":false},"excerpt":{"rendered":"
          SERVER_NAME: The name of the server host under which the current script is executing. If the script is running on a virtual host, this will be the value defined for that virtual host. SERVER_NAME comes from the server’s VirtualHost definition and is therefore considered more reliable. It can, however, also be manipulated from outside under […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[25],"tags":[1503,1505,1511,1509,1507,1512,1502,1504,1508,1506,1510],"class_list":["post-814","post","type-post","status-publish","format-standard","hentry","category-php","tag-am-i-understanding-the-man-pages-correctly","tag-how-reliable-is-http_host","tag-httpheader-net-as-http_host","tag-incorrect-string-length-of-_serverserver_name","tag-is-there-a-good-alternative-to-_serverserver_name","tag-make-apache-send-a-false-server_name-to-php","tag-php-_serverhttp_host-vs-_serverserver_name","tag-php-redirect-based-on-http_hostserver_name-within-same-domain","tag-php-_server-variables-_serverhttp_host-vs-_serverserver_name","tag-server-variable-is-not-recognizable-in-other-pages","tag-what-does-this-statement-returns-_serverserver_protocol"],"_links":{"self":[{"href":"https:\/\/www.wikitechy.com\/technology\/wp-json\/wp\/v2\/posts\/814","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.wikitechy.com\/technology\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.wikitechy.com\/technology\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.wikitechy.com\/technology\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.wikitechy.com\/technology\/wp-json\/wp\/v2\/comments?post=814"}],"version-history":[{"count":0,"href":"https:\/\/www.wikitechy.com\/technology\/wp-json\/wp\/v2\/posts\/814\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.wikitechy.com\/technology\/wp-json\/wp\/v2\/media?parent=814"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.wikitechy.com\/technology\/wp-json\/wp\/v2\/categories?post=814"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.wikitechy.com\/technology\/wp-json\/wp\/v2\/tags?post=814"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}