It is safe to use lvh.me instead of localhost for testing?

dns localhost subdomain

16,345

Solution 1

Unless you are the maintainer of lvh.me, you can not be sure it will not disappear or change its RRs for lvh.me.

You can use localhost.localdomain instead of localhost, by adding the following lines in your hosts file:

127.0.0.1 localhost localhost.localdomain
::1 localhost localhost.localdomain

This is better than using lvh.me because:

you may not always have access to a DNS resolver, when developing
lvm.me does not answer with a local IPv6 address corresponding to your local host, only with the IPv4 address 127.0.0.1
some ISPs DNS resolvers block answers corresponding to private addresses space, for security purpose (to avoid leaking internal informations)

Since you said in a comment that you do not want to update the host file, you have no mean to be sure that lvh.me will always work for your developers. Therefore, to answer your question: it is not safe. You may register a domain for yourself, but as I said before, some resolvers will block answers corresponding to private addresses space.

Solution 2

lvh.me was not resolving to 127.0.0.1 on June 7, 2021. Depending on DNS names you don't control comes with this kind of risk. Although the domain name was reinstated by the end of the day, this answer offers some alternatives to depending on someone else's DNS configurations.

Both Firefox and Google Chrome now treat *.localhost names like localhost. They also do the right thing with port numbers.

To test it yourself, start a local http server listening to port 8000:

python -m http.server 8000

Then try these links

This trick does not help for command line programs. For example, this command will fail to resolve the host:

curl http://example.localhost:8000

Curl itself offers a lot of other tricks that might work for you if you need custom subdomains on the command line. For example, this trick works:

curl --resolve example.localhost:127.0.0.1 \
  http://example.localhost:8000

Also worth noting that a similar service is still available.

See https://readme.localtest.me.

One last alternative is to configure your own wildcard CNAME to resolve to 127.0.0.1. For example:

*.my.example.com.   1800    IN  CNAME   my.example.com.
my.example.com.     1800    IN  A       127.0.0.1

Solution 3

No because as of right now http://lvh.me has an expired domain.😬

Solution 4

Services like lvh.me or localtest.me are just DNS services, so the only thing you're publishing to them is the names or the hosts you're using. They could resolve to any IP at any time, but providing you use use them only for local tests with fake data, you'll be safe.

But what if they shut down the service? Again, since you should only use them for local tests, you'll get immediate feedback and can easily go back to using localhost.

View more solutions

16,345

Josu Goñi

Updated on June 04, 2022

Comments

Josu Goñi almost 2 years

I wonder whether is safe to use lvh.me instead of localhost when developing locally, since lvh.me must be resolved and the IP may change over time.

The goal of using lvh.me is to be able to handle subdomains, since localhost does not have top level domain.
- Franklin Yu almost 5 years
  
  I’m now using readme.localtest.me instead, because at least I can contact the maintainer.
- alexandre-rousseau almost 3 years
  
  lvh.me was just bought and do not work anymore
- jerm
  
  @RousseauAlexandre lvh.me works fine for me, fwiw.
Josu Goñi almost 6 years

The idea is not having to change the hosts file so you can clone the repo and start working.
Alexandre Fenyo almost 6 years

Which repo? Your question did not mention this constraint.
Josu Goñi almost 6 years

That is because I ask whether it's safe, it is a general question. Unless there is some kind of compromise to keep that domain pointing to 127.0.0.1 it is not.
Josu Goñi almost 6 years

With the hosts file you can even manually point lvh.me to 127.0.0.1.
Alexandre Fenyo almost 6 years

What do you exactly mean by safe?
icaromh almost 3 years

today is the day you are absolutely right.
Alexandre Fenyo almost 3 years

Nothing lasts forever!
Eric Dobbs almost 3 years

The original custodian of lvh.me gave up custody: "I’m not planning to renew it; it’s not something I’ve personally used in more than a decade making it a strange out of pocket expense for me." — twitter.com/levicook/status/1401935705199185924
jack blank almost 3 years

I want it back up. It's parked free by Godaddy
jack blank almost 3 years

What about transferring the session to a subdomain with the localhost. When I had LVH it worked fine.
Eric Dobbs almost 3 years

@jack-blank, I'll offer this educated guess (not sure what you mean by "transferring the session"). Short story: "yes." Longer story: web sessions depend on browser cookies for identification & browser cookies are scoped to domain names. Firefox & Chrome treat whatever.localhost like a domain name. So usual cookie rules apply. And server-side session data work as expected.
AlexChaffee over 2 years

See twitter.com/levicook/status/1402069015338512385 -- lvh.me went down briefly in June 2021 (the time this answer was written) but it's back up now. He got donations to keep it running.
Eric Dobbs over 2 years

Thanks for the update, @AlexChaffee. I've edited this answer accordingly.