Testing Sites Without Changing DNS – Hosts Files Demystified – Windows – Mac – Linux

Wikipedia’s “definition” is:

The hosts file is one of several system facilities to assist in addressing network nodes in a computer network. It is a common part in a operating system’s Internet Protocol (IP) implementation, and serves the function of translating human-friendly hostnames into numeric protocol addresses, called IP addresses, that identify and locate a host in an IP network.
In some operating systems, the host file content is used preferentially over other methods, such as the Domain Name System (DNS), but many systems implement name service switches (.e.g., nsswitch.conf) to provide customization. Unlike the DNS, the hosts file is under the direct control of the local computer’s administrator.

(Source)

Now in plain English:

The hosts file is text file operating systems use map hostnames (domains/subdomains) to IP addresses essentially bypassing DNS resolution.

The hosts file contains lines of text consisting of an IP address in the first text field followed by one or more hostnames, each field separated by white space (I normally space things out so that the hostnames all line up because I’m crazy like that). Comment lines may be included; they are indicated by a hash character (#) in the first position of such lines. Entirely blank lines in the file are ignored.

Here is an example of a hosts file:


#This is an example of the hosts file
127.0.0.1 localhost loopback
::1 localhost

The address localhost of course being an address that allows you to access the machine you are currently on without knowing your IP address.

There are many reasons someone would want to edit a hosts file, the most common use is a web developer or designer who is testing a website after moving it to a new server before changing DNS settings for the world to see. There are also nefarious reasons that this file gets edited such as a malicious application making it so that a website you login to (such as a bank site or email service) to steal logins. The ones that are executed very well will often even act as a proxy and and actually allow you to access your account so you don’t even notice something happened!

I know that may sound scary (and some of you are asking, “Why are you teaching people to do this?”) but it is not as big of an issue as it used to be now that most operating systems require confirmation from an administrator level user to edit the file. It is a good idea to understand how to read and edit a hosts file so you can not only use the file for testing websites but also be able to know if your hosts file has been edited in some malicious way.

Another not quite as common use of the hosts file is to use it to block websites that are known to distribute malicious software or advertisement services. There are some good pre-formatted lists out there for this purpose (they also include instructions on how to use them).

http://hostsfile.mine.nu/
http://www.mvps.org/winhelp2002/hosts.htm
http://hosts-file.net/

To edit a hosts file you must first know where to find the file. The list below will break down some common operating systems, if you need information about how to do this on a system not listed below please drop me a line in the comments.

Windows 95 – Me

Location: %WinDir% (Typically C:\Windows\hosts)

Windows NT, 2000, XP, Vista, and 7

Location: %SystemRoot%\system32\drivers\etc (Typically C:\Windows\system32\drivers\etc\hosts)

Note: You will need to make sure that you have show hidden files turned on.  For Windows Vista and 7 you will need to launch your text editor as an administrator.

Mac OS 9 and Earlier

Location: System Folder

Mac OS X 10.0 – 10.1.5

This one is a bit more difficult, see Apple’s Article

Mac OS X 10.2+, iOS and almost all other *nix based systems

Location: /private/etc/hosts or /etc/hosts

Note: You will need to edit this file as root (administrator privileges)

2 thoughts on “Testing Sites Without Changing DNS – Hosts Files Demystified – Windows – Mac – Linux

Leave a Reply

Your email address will not be published. Required fields are marked *