diff --git a/routers/api/v1/activitypub/reqsignature.go b/routers/api/v1/activitypub/reqsignature.go
index f080f4e201..68f034350d 100644
--- a/routers/api/v1/activitypub/reqsignature.go
+++ b/routers/api/v1/activitypub/reqsignature.go
@@ -90,6 +90,16 @@ func verifyHTTPSignatures(ctx *gitea_context.APIContext) (authenticated bool, er
 // 3. Verify the other actor's key
 algo := httpsig.Algorithm(setting.Federation.Algorithms[0])
 authenticated = v.Verify(pubKey, algo) == nil
+ if authenticated {
+ return
+ }
+ // 4. When Gitea and the other ActivityPub server are running on the same machine, the Host header is sometimes incorrect
+ r.Header["Host"] = []string{setting.Domain}
+ v, err = httpsig.NewVerifier(r)
+ if err != nil {
+ return
+ }
+ authenticated = v.Verify(pubKey, algo) == nil
 return
 }
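Review bot: The step-4 retry overwrites `r.Header["Host"]` on the live request and runs for every request whose first signature check failed, not only for the same-machine case its comment describes. The overwrite stays in place after the function returns, so anything that reads the header later sees `setting.Domain` rather than the value that arrived, and the error from the first `v.Verify` is discarded, so a failed check that is then rescued by the retry leaves no record. Assuming `r` is the `*http.Request` obtained from `ctx` above the hunk, run the retry on a copy instead: `r2 := r.Clone(r.Context())`, `r2.Header["Host"] = []string{setting.Domain}`, `v, err = httpsig.NewVerifier(r2)`. It would also help to put the retry behind a federation setting and log when it is taken, so operators can tell a Host mismatch from a bad signature. The start of verifyHTTPSignatures is outside the hunk.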