About Host headers

  • Article

When a browser application generates an HTTP GET request, including an HTTP GET request sent over an SSL channel, it contains a Host header, which is derived from the host name specified in the URL by the user. When Microsoft Forefront Threat Management Gateway receives an incoming GET request, it determines whether the request is allowed and then routes the request to the appropriate location on the Web server as defined in the applicable Web publishing rule. By default, the request passed by Forefront TMG to the published server does not contain the Host header (for example, Host: www.fabrikam.com) that was included in the original client request. Instead, Forefront TMG replaces the host name in the original Host header of the request with the host name or IP address specified as the internal site name in the Web publishing rule. As a result, all requests that are routed to a particular Web server are sent to the same (default) Web site on that Web server.

The Host header in an incoming GET request may contain one of several fully qualified domain names (FQDNs) that resolve to the same IP address. In this case, the Host header distinguishes between the different FQDNs that share a single IP address and can be used to route requests to different Web sites on the same server. When you configure a Web publishing rule to forward the original Host header to the published server, you can use a single Web publishing rule in order to publish multiple Web sites on the same Web server. In this case, each request allowed by the Web publishing rule is routed to the requested Web site on the published Web server.

When you create a Web publishing rule for a SharePoint site by using the New SharePoint Publishing Rule Wizard, Forefront TMG configures the rule to forward the client’s original Host header to the published SharePoint site. SharePoint uses the information in the Host header in order to determine the zone to which the remote client belongs for alternate access mapping. In particular, this enables SharePoint to differentiate between external requests for which it provides translated links, and internal requests for which it provides internal links.

For instructions, see Configuring the name of the Web server to publish.