Ssl::match_domain( string|WpOrgRequestsStringable $host, string|WpOrgRequestsStringable $reference ): boolean

In this article

Match a hostname against a dNSName reference


Requested host
dNSName to match against


boolean Does the domain match?


public static function match_domain($host, $reference) {
	if (InputValidator::is_string_or_stringable($host) === false) {
		throw InvalidArgument::create(1, '$host', 'string|Stringable', gettype($host));

	// Check if the reference is blocklisted first
	if (self::verify_reference_name($reference) !== true) {
		return false;

	// Check for a direct match
	if ((string) $host === (string) $reference) {
		return true;

	// Calculate the valid wildcard match if the host is not an IP address
	// Also validates that the host has 3 parts or more, as per Firefox's ruleset,
	// as a wildcard reference is only allowed with 3 parts or more, so the
	// comparison will never match if host doesn't contain 3 parts or more as well.
	if (ip2long($host) === false) {
		$parts    = explode('.', $host);
		$parts[0] = '*';
		$wildcard = implode('.', $parts);
		if ($wildcard === (string) $reference) {
			return true;

	return false;

User Contributed Notes

You must log in before being able to contribute a note or feedback.