Contrary to the PHP documentation,
$_SERVER['HTTP_HOST'] can include the port number.

The HTTP/1.1 header spec does include the port number in the Host: field (unless it's the default), but the HTTP_HOST entry in the server variables array in PHP is not supposed to: the official documentation makes no mention of it and some of the community documentation I found specifically assumed it was not the case.

The server in question is my back-end instance of Apache (on a non-standard port), which receives proxied requests from another instance running on the same machine (on the default port). It's running Apache 2.0.54 and PHP 4.3.10.

It might be an Apache (mod_proxy, perhaps) bug that appends the port twice, which the second daemon gracefully ignores while only stripping one from its Host: environment variable. A little testing suggests that the %{Host}i that you can log already has the port removed, except in the cases where I found the port in $_SERVER['HTTP_HOST']. Whether PHP has a bug is unclear; it would be nice if it checked for the port number and removed it when necessary, since everyone assumes it won't be there.

The problem did not occur every time. In fact, it mainly happened when the query string was long. Even then, it would get through OK at times (it might be that it behaved properly on the first request of a kept-alive connection then included the port number on subsequent attempts, but that's speculation). I don't even know enough about Apache and PHP to work out if there's a bug and if so who it needs reporting to, although if you are such a person I've got a little more information I could dig out.

Anyway, my hope in saying this is to save people from the research and testing I had to do to work it out. If your code makes decisions or builds URLs using $_SERVER['HTTP_HOST'] and doesn't behave as expected, consider checking the HTTP_HOST for a colon and using only the segment before it appears.