Usually, we just type in the address of a website we want to view, but would a web server actually “know” if we used the direct IP address instead? Today’s SuperUser Q&A post has the answer to a confused reader’s question.
Today’s Question & Answer session comes to us courtesy of SuperUser—a subdivision of Stack Exchange, a community-driven grouping of Q&A web sites.
Photo courtesy of Cory M. Grenier (Flickr).
SuperUser reader Joseph A. wants to know how web servers can tell if you are using direct IP address access or not:
Some web servers, when accessed using their IP address, return an error that direct IP address access is not allowed. I have been wondering for some time how this works.
Does a browser always resolve the IP address and connect to it? Direct IP address access is just skipping DNS altogether, right? How does a remote server even know that you skipped DNS?
How do web servers know if you are using direct IP address access or not?
SuperUser contributor iAdjunct has the answer for us:
To answer your question of how it knows, it has to do with what your browser sends the web server. You are right that the system always resolves it to an IP address, but the browser sends the URL you attempted to access in the HTTP header.
Here is a sample header that I found online, modified to look as though you used Firefox on Windows and typed apple.com into the address bar:
Here is what the header would look like if you used its IP address:
Both of these would be sent to the same IP address over a socket, but the browser tells the web server what it accessed. Why? Because web servers with the same IP address may host multiple websites and give different pages for each. It cannot distinguish who wants which page by IP address because they all have the same one, but it can distinguish them by the HTTP header.
Have something to add to the explanation? Sound off in the comments. Want to read more answers from other tech-savvy Stack Exchange users? Check out the full discussion thread here.