✨ NEW · Bare Metal Servers with 20G Dedicated Unmetered Bandwidth → read more ✨ NEW · 20G Dedicated Unmetered Servers → STATUS
4.6Trustpilot Contact Sales Get Started

Guides & Tutorials Bare Metal Servers

Fix Dell iDRAC 400 Bad Request (HostHeaderCheck)

Sep 5, 2025 2 min read

Overview

On some Dell PowerEdge servers, the iDRAC web interface (HTTP/HTTPS) may return 400 Bad Request and become inaccessible. The root cause is the HostHeaderCheck security feature rejecting requests when the HTTP Host header does not match the iDRAC’s configured hostname. This guide shows a secure fix (preferred) and a temporary workaround, using racadm from the installed OS or via direct SSH to iDRAC.

If you are deploying iDRAC across Netrouting bare metal dedicated servers, use the secure method to keep your management plane hardened.

Before You Start

  • Ensure you can access the host OS (or have SSH access to iDRAC).
  • Confirm the intended iDRAC DNS name (e.g., idrac01.example.com) resolves to the iDRAC IP.
  • Install racadm on the host OS if you’ll run commands locally.

Secure Fix (Recommended): Configure the Correct Hostname

This preserves iDRAC’s header validation by setting a matching ManualDNSEntry. Replace $hostname with your iDRAC’s actual FQDN (e.g., idrac01.example.com).

Option A — racadm from the Installed OS

racadm set idrac.webserver.ManualDNSEntry $hostname # optional: restart iDRAC web to apply

Option B — SSH Directly Into iDRAC

ssh root@<idrac-ip> set idrac.webserver.ManualDNSEntry $hostname # optional: restart iDRAC web to apply

Verify

  • Confirm DNS: dig +short $hostname returns the iDRAC IP.
  • Browse to https://$hostname/. The web UI should load normally.

Temporary Workaround (Not Recommended): Disable HostHeaderCheck

Only use this to regain access quickly if you cannot fix DNS or hostname immediately. Disabling HostHeaderCheck weakens protection against certain Host header–based attacks. Re-enable it after setting the correct hostname.

Option A — racadm from the Installed OS

racadm set idrac.webserver.HostHeaderCheck 0 # optional

Option B — SSH Directly Into iDRAC

ssh root@<idrac-ip> racadm set idrac.webserver.HostHeaderCheck 0

Re-enable Later (after hostname/DNS is correct)

racadm set idrac.webserver.HostHeaderCheck 1 # or via SSH: # racadm set idrac.webserver.hostheadercheck 1 # in SSH session

Troubleshooting Tips

  • DNS mismatch: Ensure the A/AAAA record for $hostname points to the iDRAC IP used for management.
  • Certificate warnings: If using HTTPS with a custom cert, update CN/SAN to include $hostname.
  • Browser cache: Clear cache or try an incognito window after changes.
  • No racadm in OS: Use the SSH method directly on iDRAC.

Related Resources

Summary

If your iDRAC web UI shows 400 Bad Request, keep security intact by setting idrac.webserver.ManualDNSEntry to the correct hostname (with matching DNS). Only disable HostHeaderCheck as a temporary measure, then re-enable it once hostname/DNS is corrected. This approach maintains a hardened management plane across your Netrouting dedicated servers.

Built for production

Why teams stay with Netrouting

We connect you to the Internet using network engineers (and not order takers) and hardware and infrastructure that is built to last, so we can pick up where you left off when you need us.

  • Expert-Level Support Our staff is available 24 hours a day, 7 days a week to handle network administration and systems management issues as they occur.
  • Scalable Solutions Build whatever depth or breadth your infrastructure needs and then scale as required.
  • Enhanced Security Enable 2-factor authentication and also limit by IP address from the control panel to secure your account.
  • Cost-Efficient Infrastructure You will always receive the best value from your investment as you will be optimized for budget without any compromise on Quality.

$ netr deploy --ready

Ready to deploy?

200+ teams rely on Netrouting for bare metal, cloud, GPU servers and colocation. Easy to order servers within minutes. We also love to design custom servers for you and your business, with our experienced engineers.

Browse plans Talk to engineering