Make WordPress Core

Opened 5 years ago

Last modified 4 months ago

#47733 reviewing defect (bug)

Undefined index HTTP_HOST in wp-includes/ms-settings.php on line 57

Reported by: jochent's profile JochenT Owned by: sergeybiryukov's profile SergeyBiryukov
Milestone: Future Release Priority: normal
Severity: minor Version: 5.2.2
Component: Bootstrap/Load Keywords: has-patch dev-feedback
Focuses: multisite Cc:


We get requests on our server of the form

175.143.12.??? - - [30/Jun/2019:10:22:45 +0200] "GET / HTTP/1.0" 500 73873 "-" "-" (

This request uses HTTP/1.0 and results in a status code 500. The related entry in the PHP error log is

	[30-Jun-2019 08:22:45 UTC] PHP Notice:  Undefined index: HTTP_HOST in /usr/www/xxxx/wp-includes/ms-settings.php on line 57
  1. In ms-settings.php on line 57 it is not checked if
    is set.
  2. Also I've found that in the case of this specific request
    is defined and not empty and can be used as a replacement.

My suggestion is to first check if


is set else check if


is set and if both are not set to implement a graceful error handling.

This may be related to #34353.

WP 5.2.2
PHP 5.6.40
Server: Apache/2.4.25 (Debian)
WP_DEBUG = true

Attachments (1)

47733.diff (1.4 KB) - added by Mte90 3 years ago.
adding patch also here so I can find the ticket inside trac as contributor

Download all attachments as: .zip

Change History (11)

#1 @JochenT
5 years ago

Further info:
Apache sets HTTP_HOST to the correspondending value in the header of a HTTP request. As mentioned in the doc for the UseCanonicalName Directive ancient clients may do not provide a 'Host:...' header.

In such cases SERVER_NAME may be used to construct self-referential URLs. The question is if it still makes sense to support these ancient clients.

Nevertheless, in case HTTP_HOST is missing a convenient error handling should be added.

This ticket was mentioned in PR #195 on WordPress/wordpress-develop by Mte90.

4 years ago

Trac ticket:

A simple patch just to test also the new GitHub environment for contribution :-)

#3 @Mte90
4 years ago

  • Keywords has-patch dev-feedback added; needs-patch removed

Patch refreshed :-)

#4 @SergeyBiryukov
4 years ago

  • Milestone changed from Awaiting Review to 5.6
  • Owner set to SergeyBiryukov
  • Status changed from new to reviewing

#5 @helen
4 years ago

  • Milestone changed from 5.6 to Future Release

Feels a bit late to try this for 5.6 since we're into beta 3 and I worry about unforeseen side effects.

#6 @Mte90
3 years ago

I see that the code in 2 years isn't changed.

3 years ago

adding patch also here so I can find the ticket inside trac as contributor

#7 @Mte90
22 months ago

Any hope for 6.1?

#8 @Mte90
17 months ago

@SergeyBiryukov there are some chances for 6.2?

#9 @walterebert
12 months ago

This error also occurs when calling wp-cron.php on the command line.

Tested with WordPress 6.2.2 and PHP 8.2.6.

#10 @Mte90
4 months ago

Any hope for the next versions?

Note: See TracTickets for help on using tickets.