nginx
protocol_error
ai_generated
true
upstream sent invalid host header while connecting to upstream
ID: nginx/invalid-host-header-upstream
85%Fix Rate
82%Confidence
1Evidence
2024-03-10First Seen
Version Compatibility
| Version | Status | Introduced | Deprecated | Notes |
|---|---|---|---|---|
| nginx 1.24.0 | active | — | — | — |
| nginx 1.22.1 | active | — | — | — |
| nginx 1.20.2 | active | — | — | — |
Root Cause
The upstream server responded with an invalid or malformed Host header (e.g., empty, non-ASCII, or too long), causing nginx to reject it during response processing.
generic中文
上游服务器返回了无效或格式错误的 Host 头部(例如空值、非 ASCII 字符或过长),导致 nginx 在处理响应时拒绝。
Official Documentation
https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_set_headerWorkarounds
-
90% success Fix the upstream application to return a valid Host header (e.g., ensure it's a non-empty ASCII string). For example, in a Node.js app: `res.setHeader('Host', req.headers.host || 'example.com');`
Fix the upstream application to return a valid Host header (e.g., ensure it's a non-empty ASCII string). For example, in a Node.js app: `res.setHeader('Host', req.headers.host || 'example.com');` -
70% success Use proxy_pass with a specific IP and set the Host header manually in nginx: `proxy_set_header Host $proxy_host;`
Use proxy_pass with a specific IP and set the Host header manually in nginx: `proxy_set_header Host $proxy_host;`
-
80% success Inspect upstream logs to see the exact Host header being sent and sanitize it in the upstream application code.
Inspect upstream logs to see the exact Host header being sent and sanitize it in the upstream application code.
中文步骤
Fix the upstream application to return a valid Host header (e.g., ensure it's a non-empty ASCII string). For example, in a Node.js app: `res.setHeader('Host', req.headers.host || 'example.com');`Use proxy_pass with a specific IP and set the Host header manually in nginx: `proxy_set_header Host $proxy_host;`
Inspect upstream logs to see the exact Host header being sent and sanitize it in the upstream application code.
Dead Ends
Common approaches that don't work:
-
80% fail
This controls the request header sent to upstream, not the response header from upstream.
-
60% fail
The issue is often in the upstream application logic that generates the response header.
-
90% fail
proxy_ignore_headers does not apply to the Host header; it applies to other headers like Cache-Control.