diff --git a/src/dns_conf.c b/src/dns_conf.c
index d92287dcf9d..cfbb9fb1452 100644
--- a/src/dns_conf.c
+++ b/src/dns_conf.c
@@ -717,6 +717,13 @@ static int _config_server(int argc, char *argv[], dns_server_type_t type, int de
 	server->server_flag = server_flag;
 	server->ttl = ttl;
 	server->drop_packet_latency_ms = drop_packet_latency_ms;
+
+	if (server->type == DNS_SERVER_HTTPS) {
+		if (server->path[0] == 0) {
+			safe_strncpy(server->path, "/", sizeof(server->path));
+		}
+	}
+
 	dns_conf_server_num++;
 	tlog(TLOG_DEBUG, "add server %s, flag: %X, ttl: %d", ip, result_flag, ttl);
 
diff --git a/src/dns_server.c b/src/dns_server.c
index 351c5d2946c..3b15e471e5d 100644
--- a/src/dns_server.c
+++ b/src/dns_server.c
@@ -1151,9 +1151,10 @@ static int _dns_server_reply_http_error(struct dns_server_conn_tcp_client *tcpcl
 
 	http_len = snprintf((char *)data, DNS_IN_PACKSIZE,
 						"HTTP/1.1 %d %s\r\n"
+						"Content-Length: %lu\r\n"
 						"\r\n"
-						"%s",
-						code, code_msg, message);
+						"%s\r\n",
+						code, code_msg, strlen(message) + 2, message);
 
 	send_len = _dns_server_tcp_socket_send(tcpclient, data, http_len);
 	if (send_len < 0) {
@@ -1185,7 +1186,7 @@ static int _dns_server_reply_https(struct dns_request *request, struct dns_serve
 
 	http_len = snprintf((char *)inpacket, DNS_IN_PACKSIZE,
 						"HTTP/1.1 200 OK\r\n"
-						"content-type: application/dns-message\r\n"
+						"Content-Type: application/dns-message\r\n"
 						"Content-Length: %d\r\n"
 						"\r\n",
 						len);
@@ -6205,12 +6206,12 @@ static int _dns_server_tcp_process_one_request(struct dns_server_conn_tcp_client
 					goto out;
 				}
 
-				tlog(TLOG_DEBUG, "remote server not supported.");
+				tlog(TLOG_DEBUG, "parser http header failed.");
 				goto errout;
 			}
 
 			if (http_head_get_method(http_head) != HTTP_METHOD_POST) {
-				tlog(TLOG_DEBUG, "remote server not supported.");
+				tlog(TLOG_DEBUG, "http method is invalid.");
 				goto errout;
 			}
 
@@ -6224,7 +6225,6 @@ static int _dns_server_tcp_process_one_request(struct dns_server_conn_tcp_client
 			request_len = http_head_get_data_len(http_head);
 			if (request_len >= len) {
 				tlog(TLOG_DEBUG, "request length is invalid.");
-
 				goto errout;
 			}
 			request_data = (unsigned char *)http_head_get_data(http_head);
@@ -6232,7 +6232,7 @@ static int _dns_server_tcp_process_one_request(struct dns_server_conn_tcp_client
 		} else {
 			if ((total_len - proceed_len) <= (int)sizeof(unsigned short)) {
 				ret = RECV_ERROR_AGAIN;
-				break;
+				goto out;
 			}
 
 			/* Get record length */
@@ -6241,12 +6241,12 @@ static int _dns_server_tcp_process_one_request(struct dns_server_conn_tcp_client
 
 			if (request_len >= sizeof(tcpclient->recvbuff.buf)) {
 				tlog(TLOG_DEBUG, "request length is invalid.");
-				return RECV_ERROR_FAIL;
+				goto errout;
 			}
 
 			if (request_len > (total_len - proceed_len - sizeof(unsigned short))) {
 				ret = RECV_ERROR_AGAIN;
-				break;
+				goto out;
 			}
 
 			request_data = (unsigned char *)(tcpclient->recvbuff.buf + proceed_len + sizeof(unsigned short));
@@ -6257,7 +6257,12 @@ static int _dns_server_tcp_process_one_request(struct dns_server_conn_tcp_client
 		ret = _dns_server_recv(&tcpclient->head, request_data, request_len, &tcpclient->localaddr,
 							   tcpclient->localaddr_len, &tcpclient->addr, tcpclient->addr_len);
 		if (ret != 0) {
-			return ret;
+			goto errout;
+		}
+
+		if (http_head != NULL) {
+			http_head_destroy(http_head);
+			http_head = NULL;
 		}
 	}
 
diff --git a/src/http_parse.c b/src/http_parse.c
index afd82177851..34071cce592 100644
--- a/src/http_parse.c
+++ b/src/http_parse.c
@@ -384,6 +384,10 @@ int http_head_parse(struct http_head *http_head, const char *data, int data_len)
 	if (http_head->head_ok == 0) {
 		for (i = 0; i < data_len; i++, data++) {
 			*(buff_end + i) = *data;
+			if (isprint(*data) == 0 && isspace(*data) == 0) {
+				return -2;
+			}
+
 			if (*data == '\n') {
 				if (http_head->buff_len + i < 2) {
 					continue;