Is this secure? (domain spoofing?)

I have 2 domains: -> points to my external ip -> points to an internal ip (

Some of my services I only want accessible from my LAN.
for those sevices i set Host to
traefik.http.routers.router1.rule=Host( (PathPrefix(/myservice)

Is it possible access from outside my LAN by somehow requesting that domain directly from my external ip?


Yes, it's possible. (so no, it's nos secure)

For example :

  • Edit your hosts file (/etc/hosts for linux, C:WINDOWS/system32/drivers/etc/hosts for windows)
  • Add the line <external_ip>
  • Save
  • Tadam !

In this example, I told my computer to resolve your local name with your remote IP.
With TLS, IP and domaine name are distinct.
With HTTP, this is the header Host to defien which domaine name you want to use.
So, applications are free to request your external IP with any domaine name.

You should listen to local IPs only.
(I can't help on this point, sorry ^^')


1 Like

With curl, it's even easier.

curl -H "Host:"
1 Like

Thanks, guessed it would be so, have to look into ip-whitelisting then. Tried the Curl method but was not able to get a reply from the intranet service so I was hoping that traefik did some magic that I did not know about.

This topic was automatically closed 3 days after the last reply. New replies are no longer allowed.