There are literally many thousands of files that provide the functionality of the macOS. The majority of these files will never be directly accessed by the average Mac user and will be called upon by the OS to perform their designated task when required to do so. There are, however, some files that you may need to access and even edit in order to modify your computer or recover from a virus or malware attack. One of these is your Mac’s hosts file.
In this article, we will look closely at this important file that is a critical component which allows your computer to access a network or the Internet. We will show you how to edit this file and run through some scenarios that may necessitate making changes that impact network activity. Let’s get started.
What is a Mac Hosts File?
The hosts file is a text file that is comprised of a list of host names and their corresponding IP addresses. It basically serves as a database of domain names which your operating system employs to identify and locate hosts on an IP network.
When your machine needs to look up an IP address it will first search the hosts file. If the requested name is not in the local host file, the next step is to attempt to resolve the address using a Domain Name Service (DNS) server. The request will fail if the name cannot be found via the DNS server.
The IP lookup sequence described above indicates that the hosts file has precedence when determining a host’s address. This means that entries in the hosts file will negate any DNS lookup for the named hosts. We will discuss how this can be used both for beneficial and malicious purposes later in the article.
How to Edit the Hosts File on Your Mac
The plain-text of the hosts file is identical regardless of the operating system on which it is used. All operating systems employ the same hosts file format. It is made up of lines of text identifying a numeric IP address and the corresponding host name. For example, this entry
123.123.123.123 thebest.website.com
tells us that thebest.website is located at 123.123.123.123. Your computer would use this information to directly navigate to the site without requiring a DNS lookup.
Where the file is located in the file system hierarchy is, however, dependent on the computing platform. On macOS machines, the file is located at /etc/hosts. Since it is a text file, you can essentially use any text editor to make modifications.❗ Do not use a word processor. ❗
For the purposes of this demonstration, we will use the nano text editor that is included with macOS Sierra and later versions. Help on using nano can be found here.
Follow these steps to edit your Mac’s hosts file:
- Open the Terminal application which can be found by opening a Finder window and navigating to Applications and then Utilities.
- In the Terminal window enter the following command: sudo nano /etc/hosts
- You will be prompted for your administrators password which will need to be provided to edit this file. This restricts non-administrators from making unauthorized changes that could impact the system. Type in your password and press Return.
- You will see something like this very simple hosts file.
# Host Database
#
# localhost is used to configure the loopback interface
# when the system is booting. Do not change this entry.
##
127.0.0.1 localhost
255.255.255.255 broadcasthost
::1 localhost - There are no hosts specified in this file which means that all IP lookups will be done via a DNS server. To add hosts, insert a line after the localhost entry and type in the address and domain name.
If you intend to make changes to your hosts file, we suggest that you first make a copy of it to revert to if necessary.
Take special note of the localhost entry and the IP address of 127.0.0.1. This is the loopback address. Using this address simply returns control to the local machine. This essentially blocks access to domains with an address of 127.0.0.1.
You can create an extensive hosts file to exert control over how your computer access hosts over the network. This is often required in corporate settings where internal networks are employed. You can also leave the hosts file alone and let DNS handle locating and forwarding your network traffic.
Reasons to Edit your Mac’s Host File
Since the absence of an entry for a designated domain in your hosts file does not preclude you reaching that site through a DNS lookup, you might be wondering why you would ever want to edit it. There are several reasons why editing your hosts file makes sense to improve your speed when connecting over the network. You may also encounter situations where the hosts file is not working as it was intended to and is causing connection failures or other issues with your network traffic.
Here are some reasons to take the time to edit your hosts file
- Reason #1
Reduce IP lookup time – Specifying an address and domain name in your hosts file will save a few milliseconds each time you access that site. The time savings is minimal, but the hosts file will also come into play by providing the address in the event that the DNS server you are using is unavailable for some reason. - Reason #2
Controlling Internet access – This may well be the most often reason cited for editing the hosts file. The loopback address mentioned previously, 127.0.0.1 sends all requests back to the local computer. This means that domains that are assigned this address are unreachable from the computer in question. Administrators can make changes to user’s machines to limit their ability to access frivolous or dangerous sites while on a company computer. Tech-savvy parents may want to edit the hosts file on their child’s computer for safety’s sake. - Reason #3
Recovering from a malware attack – The power of the hosts file can be experienced through the concept of site redirection. Any address can be associated with any domain in the hosts file. This means that by changing the numerical address, you can spoof a domain name and direct traffic intended for the site to a different location. Using this technique is popular among malware distributors who can gain access to your hosts file and modify it to direct innocent traffic to malicious sites. You may have to remove or correct entries in your hosts file after encountering a malware or virus attack.
Conclusion
Today, many users never access their hosts file and get along quite well using DNS servers to lookup IP addresses. While you may never need to edit your hosts file, having the ability to do so gives you control over how your computer interacts with the Internet.