Before DNS became a network standard, the /etc/hosts file was used to resolve an IP address to a fully qualified domain name (FQDN). This file can be used to manually link an FQDN to an IP address, such as a test server or internal network workstation, without editing DNS server entries. Care should be taken when editing this file. Browsers use it prior to DNS server lookups, and any mistakes can cause issues connecting to a domain or cause users to connect to the wrong server if it isn’t formatted correctly.
What Is the /etc/hosts File in Linux?
The /etc/hosts file is a plain text file used in matching an FQDN with the server IP hosting a specific domain. It’s useful if a DNS server is not available when a user wants to access a domain from their browser. When the DNS server cannot be reached, Linux uses the /etc/hosts file to resolve the domain name.
Note that occasionally the /etc/hosts file is misspelled as /ect/hosts in documentation. This misspelling can be confusing for new developers or operating system users, but know that the correct spelling is /etc/hosts. Configurations for the /etc/hosts file are the same across all modern Linux distributions including Debian 12, Mint 22.1, SUSE Linux 15, Fedora 40 and Ubuntu 23.10.
Modern environments only use a hosts file for testing and staging. Using the /etc/hosts file is faster for system performance, but it’s not feasible over standard DNS resolution. With billions of IP addresses—both IPv4 and IPv6—available on the internet, it’s not feasible to use a hosts file for resolution. Most hosts files have a few static entries, mainly internal IP addresses, but open internet resolution works with DNS.
Why Would Someone Modify the /etc/hosts File in Linux?
Suppose that you have a production server available to the public internet, but you need to test a new upcoming version of your website on a publicly available server. The test server is also available on the internet, but you can’t change DNS settings to point the current domain to the new server IP before you test the new server. Using the /etc/hosts file, you can point your local development workstation only to the new server IP address and associate it with the production domain name without interrupting service for everyone else.
System administrators must format the /etc/hosts file properly for it to function on a Linux workstation. Any errors in the /etc/hosts file will leave the user unable to access certain domains, so any changes to Linux machines on an environment should be tested prior to deployment.
Linux deployments in the cloud also have an /etc/hosts file, but it should be used with caution. It’s common to use the hosts file in the cloud for testing and staging environments, but it can cause issues in production. Production servers should all be the same, so the hosts file across all servers must be updated. If they are not, production applications could have different results and potentially damage data or present bugs. Without documentation, developers would struggle to troubleshoot application issues.
Automation software can deploy applications that rely on the /etc/hosts file. Ansible, Puppet, or Chef can deploy changes to a hosts file. Automation software is more reliable for consistency across Linux servers and reduces the chance of errors. It’s especially useful in environments where multiple /etc/hosts files must be deployed for a large application.
Linux hosts files are part of the system, but third-party options are available. Administrators can work with systemd-resolved or dnsmasq. Both applications can be configured to resolve IPs to their respective hostnames and domain names. Both can act as a DNS forwarder and Dynamic Host Configuration Protocol (DHCP) server.
What Is the Correct /etc/hosts Format?
The /etc/hosts file stores plain text content, but it requires a specific format. The format is:
<IP_address> <fully_qualified_domain_name>
Notice that a tab is used in this template. A tab is preferred for ease of reading, but a single whitespace character will also work. Every entry should be on its own line, so a carriage return indicates the end of a host entry.
Also, host entries should have comments added to the file explaining their usage in the interest of clarity for administrators and workstation users. Comments are preceded by a hash character. The following is the template for DNS entries with comments:
# comments to here
# more comments here
<IP_address> <fully_qualified_domain_name>
Comments don’t require any standard format provided the hash character precedes the comment entry. You can have multiple comments, but every line must start with a hash character.
Troubleshooting and modifying the hosts file can be done from a terminal in Linux. All edits to the hosts file require elevated privileges, so you must have permission to edit it on the server. Type the following command into the terminal application to open and edit the file:
sudo -i gedit /etc/hosts
For administrators that prefer Vim, type the following:
sudo vim /etc/hosts
An Example of the /etc/hosts File in Linux
You might already have entries in your /etc/hosts file, but you can add more using a simple text editor. You can also remove entries, but remember that the DNS server must be available to reach the domain from a web browser.
The following is an example of a Linux /etc/hosts file:
# My example host file entries
185.233.11.1 myapp.mydomain.com
185.233.11.2 mydomain.com
185.233.11.3 production-db.mydomain.com
The above example points the mydomain.com domain to 185.233.11.2 and then points two subdomains to two other IP addresses. When users type mydomain.com into their browser with the above /etc/hosts file stored on their local machine, the browser uses 185.233.11.2 to query the remote server for a web response. The IP address can be any server or workstation on the network, but it must be accessible from the user’s local machine.
The hosts file also supports IPv6 entries. Hosts file formatting for IPv6 follows the same rules as an IPv4 address. The following is an example entry for an IPv6 address:
#example IPv6 host entry
2001:db8:1::1 example.com
Differences in /etc/hosts File in Mac and Windows vs. Linux
A host file is a standard plain text document used in any operating system. The format is globally accepted, so you’ll find that the hosts file stored on a Mac, Windows, and Linux workstation or server are formatted the same. The only difference in hosts files across disparate operating systems is the text editor you use to make changes to them.
Tips and Tricks for Modifying a /etc/hosts File
Before you edit a /etc/hosts file, especially on a critical system like a production server, always make a backup of it before making changes. Backups protect from accidental mistakes on entries or when the file corrupts after saving. You can recover your /etc/hosts file easily if any changes render the local machine unable to access domains.
The text editor that you use depends on the operating system. A hosts file is formatted the same across operating systems, but administrators usually use text editors native to the operating system when the file must be edited. You could use an alternative text editor, but normally the text editor used is:
- Notepad for Windows
- Vim for Linux
- Terminal for Mac
Wildcard entries aren’t possible in a /etc/hosts file. You might have a wildcard SSL/TLS certificate for a server and must test it, but you cannot add a wildcard for a subdomain in the /etc/hosts file. You must manually add each entry, or you can use a third-party application to handle wildcard entries.
When you edit a file, make sure you leave comments on new, revised, or removed entries. It’s custom to comment out an entry and test the new /etc/hosts file prior to completely deleting it. By commenting it out first, you can quickly reverse the changes should removing an entry cause any serious issues.
When users access a domain and the entry is found in the hosts file, the browser gives no indication that the IP being used comes from the hosts file rather than a DNS server. Attackers can use the hosts file to trick users into thinking that they are accessing a legitimate site when really the site is phishing for credentials. Anti-malware applications redirect users to innocuous sites using a hosts file as a form of defense against malicious websites.
Conclusion
Understanding foundational system files like /etc/hosts is part of a broader security posture that helps define who can access what on a machine and how resources are resolved; a crucial component of Zero Trust infrastructure. As Kishore Vutukuri, Enterprise Architect at Ernst & Young, put it:
Kishore Vutukuri, Enterprise Architect at Ernst & Young
Editing the /etc/hosts file is common, especially for network administrators or developers testing a new server or application hosted on a new server. Take care to follow the format and don’t forget comments so that entries are easily understood by other administrators. Back up the file before editing it so that you can recover if the file gets corrupted after changes.ack up the file before editing it so that you can recover if the file gets corrupted after changes.
Join the Everpure Community
Network with storage peers and get your Everpure product questions answered.
Scale Linux-based Infrastructure with Confidence
Take your infrastructure to the next level with Portworx by Pure Storage—the leading Kubernetes-native data platform for scalable, secure, and resilient cloud-native apps.
