Rewriting Host Header
How to rewrite the Host header to enable exposing local servers to the internet
Host header verification is a common feature on web servers. For example in PHP or Node.js you will encounter errors such as:
Blocked request. This host ("xyz.webrelay.io") is not allowed.
To allow this host, add "xyz.webrelay.io" to `server.allowedHosts` in vite.config.js.
Host Header Mismatch
When tunneling to localhost
, requests arrive with the public tunnel address (e.g., xyz.webrelay.io
) as the Host
header. Many servers and frameworks (like Vite, Nuxt.js, Next.js, Apache, Nginx) perform host header validation. They block requests if the Host
header doesn't match the expected server name (like localhost
), preventing access via the public tunnel URL.
Keywords: host header validation, blocked request, localhost, tunnel, expose local server, Vite allowedHosts, CORS, reverse proxy.
The Solution: Rewriting the Host Header
Webhook Relay tunnels provide a simple solution with the --rewrite-host-header
flag for the relay connect
command. When enabled, the tunnel automatically changes the Host
header of incoming requests to match your local destination server's hostname (e.g., localhost
) before forwarding the request.
This satisfies your local server's host header validation, allowing requests through the tunnel.
To enable this feature, add the flag to your command:
relay connect -n blog --rewrite-host-header localhost http://localhost:3000
Benefits:
- No configuration changes: Avoids modifying your local web server or framework settings.
- Works out of the box: Simple flag activation is all that's needed.
- Instant sharing: Easily share your local development environment with colleagues or integrate with external webhooks.
With this command, requests to your public tunnel URL will have their Host
header rewritten to localhost
before reaching your application on http://localhost:3000
, resolving validation errors seamlessly.