Currently hitting a 403 Forbidden error when trying to expose local instances of strict servers (specifically the Ollama AI server) via ProxyHub.
The Problem:
Recent versions of Ollama (along with many modern dev servers like Vite/Webpack) have implemented strict DNS Rebinding protection. They validate the HTTP Host header and immediately reject requests with a 403 Forbidden if the Host header does not explicitly match localhost or 127.0.0.1.
Because ProxyHub passes the public proxy domain (e.g., xxx.proxyhub.cloud) directly in the Host header, the local server blocks the forwarded request.
How to reproduce the block locally:
curl -i -H "Host: my-tunnel.proxyhub.cloud" http://127.0.0.1:11434/
(Returns HTTP 403 Forbidden)
The Request:
Can we add a CLI flag that rewrites the Host header before forwarding the request to the local port? (Similar to how ngrok handles this with --host-header="localhost").
Example API:
npx proxyhub --port 11434 --host-header=localhost
Implementing this would immediately make ProxyHub compatible with these strict local servers without requiring users to run secondary local proxies to rewrite headers. Let me know what you think!
Currently hitting a
403 Forbiddenerror when trying to expose local instances of strict servers (specifically the Ollama AI server) via ProxyHub.The Problem:
Recent versions of Ollama (along with many modern dev servers like Vite/Webpack) have implemented strict DNS Rebinding protection. They validate the HTTP
Hostheader and immediately reject requests with a403 Forbiddenif theHostheader does not explicitly matchlocalhostor127.0.0.1.Because ProxyHub passes the public proxy domain (e.g.,
xxx.proxyhub.cloud) directly in theHostheader, the local server blocks the forwarded request.How to reproduce the block locally:
curl -i -H "Host: my-tunnel.proxyhub.cloud" http://127.0.0.1:11434/(Returns HTTP 403 Forbidden)
The Request:
Can we add a CLI flag that rewrites the
Hostheader before forwarding the request to the local port? (Similar to how ngrok handles this with--host-header="localhost").Example API:
npx proxyhub --port 11434 --host-header=localhostImplementing this would immediately make ProxyHub compatible with these strict local servers without requiring users to run secondary local proxies to rewrite headers. Let me know what you think!