File /etc/hosts

Published

December 17, 2024

Updated

December 17, 2024

What is the hosts file?

It’s a text file that can contain:

Lines of the form: IP address + hostname (domain) + alias (optional), separated by spaces. The IP address can be either IPv4 or IPv6.
Comments — text starting with ”#”.

Here’s an example of what it might look like:

# This is the IPv4 loopback address
127.0.0.1 localhost
# This is the IPv6 loopback address
::1       localhost

# Overridden address
127.0.0.1 skandar.dev

Its location differs depending on the operating system:

On macOS, Unix, and Unix-like systems, it is at /etc/hosts.
On Windows, it is at C:\Windows\System32\drivers\etc\hosts.

You can read more about this here.

You need superuser (administrator) privileges to edit this file.

Why do we need it?

When resolving a hostname, the system first checks if there’s a corresponding entry in the hosts file. If there is, it will return the IP address specified in that file and will not query a DNS server.

Let’s consider some common usage scenarios:

Speeding up address resolution. We can “tell” the system which IP address corresponds to a domain. Since the system already knows the IP address, it doesn’t need to make a DNS request, reducing the response time by the duration of that request.
Blocking ads, trackers, and malicious sites. By using the hosts file, we can block requests to advertising services and trackers. There are even publicly available lists with such domains: example and another one.
Blocking license servers. Pirated applications can block requests to a license server so it can’t invalidate the cracked application or reset its pirate activation. Alternatively, they can substitute the license server’s address so that the app “thinks” the server is unavailable and continues operating in offline mode.
Blocking security updates. Attackers can prevent antivirus updates by blocking update servers in the hosts file.
Redirecting traffic through an attacker’s servers. In combination with other techniques, attackers can use fake DNS entries in hosts to redirect traffic through their own server. This allows them to intercept data, modify it on the fly, or inject malicious content.
Gaining access. A domain might be inaccessible due to technical issues or ISP-level blocking. If we know the resource’s IP address, we can specify it in hosts, and the system will not make requests to the provider’s DNS server.

Benefits in development

Overriding domain addresses can also be useful in development. Let’s consider a few examples of use cases:

Using services restricted by domain. A service may have a list of allowed domains for which it is available. For example, API keys in Google work this way.

127.0.0.1 skandar.dev

Testing code that depends on a domain/subdomain. For instance, if the application is available in different countries, it may change language and other settings depending on the subdomain. We can map the domain to localhost and then use the domain with subdomains locally.

Migrating to a new hosting provider. When changing hosting providers, it can take some time (up to 72 hours) for updates to reach the authoritative DNS server. Instead of waiting, you can add an entry with the new IP address to test how the application works on the new hosting right away.
Overriding an external resource. Sometimes your application uses a third-party API, and you want to replace it with a local variant, for example, a local dev server. By adding an overriding entry in hosts, you don’t need to change the code to do this.

The hosts file is a simple yet powerful tool that allows you to manage local IP address overrides for domains. The next time you need to run code that only works with a certain domain or subdomain, remember the hosts file — it will help you solve that problem.

What is the hosts file?

Why do we need it?

Benefits in development

Share this article with friends