How to inspect the HTTP headers received by your web server

Recently I came across a question I didn’t know the answer to. The question was: “How to check which HTTP headers are received by my application?”. After some research I found the answer and, in this post, I will show you how to find the HTTP headers received by your web server or application.

Nginx Web Server
Nginx Web Server

Check if the Web Server is running

Let’s assume that you are running a web server (apache or nginx), and you are curious which HTTP headers are sent by your clients and which HTTP headers your web server is receiving.

You can find this information by running a tcpdump command with some arguments.

In my lab, I am running an apache web server on an Ubuntu Linux host.

To confirm this, you can run a ss or netstat command.

sudo ss -tlpn | grep 80
Checking if the Web Server is running

Another command that you can use is the systemctl status.

systemctl status apache2
Checking if the Web Server is running

Send the client request with custom headers

In order to check if the headers are received by the Linux host, first you need to send them. I am using the curl command for this purpose, but if you do not want to use the CLI and prefer to use the UI, you can use an application like Postman, for example.

curl --header "Accept: text/javascript" --header "X-Test: hello" -H "X-Custom-Header: value"  -v http://www.example.com
Sending the client request with custom HTTP headers

Inspect the traffic on the Web server with tcpdump

The last step is to check if the HTTP headers are received by the application. For this, we will run a tcpdump command similar to the one below.

sudo tcpdump -i enp0s8 -A 'tcp port 80 and (((ip[2:2] - ((ip[0]&0xf)<<2)) - ((tcp[12]&0xf0)>>2)) != 0)'
Inspecting the traffic with tcpdump utility

As you can see from the above image, the HTTP headers are displayed in the output of the tcpdump command.

I hope you find this post helpful.

What method do you use to get the same result? Please share your thoughts in the comments.

Processing…
Success! You're on the list.

Leave a Reply