.localhost Domains - Hacker News

Posted by todsacerdoti 4/10/2025

302 points | 196 commentspage 3

andrewstuart2 4/10/2025|

I haven't done it for a while (I've mostly just used 127.*), but I found the best one to use for dev purposes was the IETF-reserved `.test` TLD [0]. The main benefit at the time I was messing with this (10ish years ago now) was that all the browsers I needed to test on would actually attempt to resolve `.test`. If I remember correctly, firefox seemed to have issues with `localhost` being anything other than 127.0.0.1 (and would simply go to that address ignoring whatever was in /etc/hosts or DNS, again IIRC). It's been a while, though, so that behavior might have changed.

[0] https://datatracker.ietf.org/doc/rfc2606/

jeroenhd 4/10/2025||

.test seems like an excellent choice for testing/debugging/developing applications, but for running services you want to use I'd stick to .internal these days, as it was reserved for local domains last year.

numbsafari 4/10/2025||

This is what I've done for years: doing app development using the .test TLD, and .internal for, well, internal services that are more like "production IT".

I've had nothing but trouble with .local and .localhost. Specifically, .local is intended for other purposes (multicast DNS) and .localhost has a nasty habit of turning into just "localhost" and in some cases, resolvers don't like to allow that to point to anything other than 127.0.0.1.

More recently, I've stuck to following the advice of RFC 6762 and use an actual registered TLD for internal use, and then sub-domain from there. I don't use my "production" TLD, but some other, unrelated TLD. For example, if my company is named FOO and our corporate homepage is at foo.com, I'll have a separate TLD like bar.com that I'll use for app development (and sub-domain as dev.bar.com, qa.bar.com, and maybe otherqa.bar.com as needed for different environments). That helps avoid any weirdness around .localhost, works well in larger dev/qa environments that aren't running on 127.0.0.1, and allows me to do things like have an internal CA for TLS instead of using self-signed certs with all of their UX warts.

For "local network" stuff, I stick to ".internal" because that's now what IANA recommends. But I would distinguish between how I use ".internal" to mean "things on my local network" from "this is where my team deploys our QA environment", because we likely aren't on the same network as where that QA environment is located and my ".internal" might overlap with your ".internal", but the QA environment is shared.

lima 4/10/2025||

For development, "localhost" has a convenience bonus: it has special treatment in browsers. Many browser APIs like Service Workers are only available on pages with a valid WebPKI cert, except for localhost.

djanowski 4/10/2025||

Recently I started to work on a very simple tool to do this with a single command: it'll start all your projects in a given directory and expose them via HTTPS on https://[project].localhost

No daemons, and the only piece of configuration is adding a file to /etc/resolvers: https://github.com/djanowski/hostel

I've been using it for myself so it's lacking documentation and features. For example, it expects to run each project using `npm run dev`, but I want to add Procfile support.

Hopefully other people find it useful. Contributions very much welcome!

jdprgm 4/10/2025||

I do something similar with Caddy but add dns-sd to broadcast on mDNS so i can just hit myapp.local from anywhere on my network and don't have to do anything with hosts and it just works. Been on my todo list to wrap this into a tiny mac menubar app.

mmanfrin 4/10/2025||

The comments here all suggesting different arcane and complicated stacks of different devops solutions and certificates and configurations and services has me somewhat despairing that such a COMMON usecase is still so annoyingly obtuse.

AStonesThrow 4/10/2025||

I pondered the question of local-only domains since long ago, and in consultation with Chris Siebenmann, I determined that the most courteous way was actually to subdomain from my ISP.

That’s right: I invented a fictitious subdomain under one my ISP controlled and I never registered it or deployed public DNS for it. It worked great, for my dumb local purposes.

Example:

  aten.mysub.isp.net.
  porta.mysub.isp.net.
  smartphone.mysub.isp.net.

Thus it was easy to remember, easy to add new entries, and was guaranteed to stay out of the way from any future deployments, as long as my ISP never chose to also use the unique subdomain tag I invented...

defraudbah 4/10/2025||

People used localtest.me back in the days :)

https://weblogs.asp.net/owscott/introducing-testing-domain-l...

flowerthoughts 4/11/2025||

I just use https://myapp.localhost:2948 so I don't need to remember the port number. The browser autocomplete handles that, so I don't really see the need for server-side help.

BTW, there seems to be some confusion about *.localhost. It's been defined to mean localhost since at least 2013: https://datatracker.ietf.org/doc/html/rfc6761#section-6.3

staticelf 4/11/2025||

It's easy with Caddy to setup it in a way that you can have your api and SPA app in under the same domain in order to avoid CORS-issues.

myapp.localhost { tls internal

    # Serve /api from localhost:3000 (your API)
    @api path /api/*
    handle @api {
        # Remove the leading "/api" portion of the path
        uri strip_prefix /api
        reverse_proxy 127.0.0.1:3000
    }

    # Fallback: proxy everything else to Vite's dev server on 5173
    handle {
        reverse_proxy 127.0.0.1:5173
    }

}

You're welcome.

dh1011 4/11/2025||

Thanks for sharing!

This is cool, but it only seems to work on the host that has the /etc/hosts loopback redirect to *.localhost. I run my app on a home server and access it from multiple PCs on the LAN. I have several apps, each associated with a different port number. Right now, I rely on a start page (https://github.com/dh1011/start-ichi) to keep track of all those ports. I’m wondering if there’s an easy way to resolve custom domains to each of those apps?

globular-toast 4/11/2025|

You need to install a DNS server in your network and configure everything to use it (probably via DHCP). Then you can configure whatever you like. Dnsmasq is quite easy to get started. There are handy integrated solutions like pihole that combine DHCP and DNS. I run things like this on my router (opnsense).

More comments...