How to override the Host header with curl

Customizing the HTTP Host header in curl enables precise testing of virtual hosts, reverse proxies, and multi-tenant applications that rely on host names for routing. Adjusting the header clarifies how traffic is dispatched when several sites share the same IP address and helps isolate misrouted requests, broken redirects, and odd cache behavior without touching DNS configuration.

In HTTP/1.1 and later, the Host header is mandatory and informs the server which site a client wants even when the TCP endpoint is identical. curl derives this header from the URL hostname and sends it with the request metadata, while options such as --header (-H) allow overriding or adding headers. Flags like --resolve or --connect-to refine how hostnames map to addresses, so traffic can be directed at specific backends while still sending a chosen host name.

Unexpected hostnames can confuse virtual host configuration, upset strict TLS setups, or trigger intrusion detection systems. Mismatched host and certificate names or duplicate Host headers may be treated as header smuggling or cache poisoning attempts. Custom host values therefore belong in controlled test environments or production investigations with explicit authorization and careful logging.

1. Run a command to display the installed curl version as a quick availability check.

   $ curl --version
   curl 7.81.0 (x86_64-pc-linux-gnu) libcurl/7.81.0 OpenSSL/3.0.2 zlib/1.2.11
   Release-Date: 2022-01-05
   Protocols: dict file ftp ftps gopher http https imap imaps mqtt pop3 pop3s rtsp smb smbs smtp smtps telnet tftp
   Features: AsynchDNS HTTP2 HTTPS-proxy IPv6 Largefile libz NTLM NTLM_WB SSL TLS-SRP UnixSockets
   ##### snipped #####

   If the command is not found on Linux or other platforms, installing curl from the system package manager or official distribution provides the required binary.

2. Send a verbose HTTP request to a test URL to see the default Host header that curl derives from the URL hostname.

   $ curl -v http://example.com/
   *   Trying 93.184.216.34:80...
   * Connected to example.com (93.184.216.34) port 80 (#0)
   > GET / HTTP/1.1
   > Host: example.com
   > User-Agent: curl/7.81.0
   > Accept: */*
   ##### snipped #####

   The line beginning with > Host: shows the header value that virtual host configuration and reverse proxies use for routing decisions.

3. Repeat the request while overriding the Host header with a custom hostname to simulate a different virtual host on the same endpoint.

   $ curl -v --header 'Host: demo.local' http://example.com/
   *   Trying 93.184.216.34:80...
   * Connected to example.com (93.184.216.34) port 80 (#0)
   > GET / HTTP/1.1
   > Host: demo.local
   > User-Agent: curl/7.81.0
   > Accept: */*
   ##### snipped #####

   Supplying an arbitrary Host value can expose unintended content, interfere with application security checks, or trigger web application firewalls that watch for host header attacks.

4. Combine a custom Host header with --resolve to route a hostname to a specific IP address without altering external DNS.

   $ curl -v --header 'Host: demo.local' --resolve demo.local:80:203.0.113.10 http://demo.local/
   * Added demo.local:80:203.0.113.10 to DNS cache
   *   Trying 203.0.113.10:80...
   * Connected to demo.local (203.0.113.10) port 80 (#0)
   > GET / HTTP/1.1
   > Host: demo.local
   > User-Agent: curl/7.81.0
   > Accept: */*
   ##### snipped #####

   The --resolve option pins a hostname, port, and IP triple for curl, which is useful when testing new backends, CDNs, or reverse proxies before DNS records change.

5. Filter the verbose output to confirm that the outgoing request carries the intended Host header value.

   $ curl -v --header 'Host: demo.local' http://example.com/ 2>&1 | grep '^> Host:'
   > Host: demo.local

   Successful override appears when the extracted line shows the custom hostname after > Host: while the connection details still reflect the desired network target.