diff --git a/va/http.go b/va/http.go
index dd9f0a998..8af8d1fe8 100644
--- a/va/http.go
+++ b/va/http.go
@@ -349,7 +349,16 @@ func (va *ValidationAuthorityImpl) extractRequestTarget(req *http.Request) (iden
 	}
 
 	if _, err := iana.ExtractSuffix(reqHost); err != nil {
-		return identifier.ACMEIdentifier{}, 0, berrors.ConnectionFailureError("Invalid host in redirect target, must end in IANA registered TLD")
+		isLabca := false
+		for _, domain := range va.labcaDomains {
+			if strings.HasSuffix(reqHost, "."+domain) {
+				isLabca = true
+			}
+		}
+
+		if !isLabca {
+			return identifier.ACMEIdentifier{}, 0, berrors.ConnectionFailureError("Invalid host in redirect target, must end in IANA registered TLD")
+		}
 	}
 
 	return identifier.NewDNS(reqHost), reqPort, nil
@@ -397,10 +406,10 @@ func (va *ValidationAuthorityImpl) setupHTTPValidation(
 
 	// This is a backstop check to avoid connecting to reserved IP addresses.
 	// They should have been caught and excluded by `bdns.LookupHost`.
-	err := va.isReservedIPFunc(targetIP)
-	if err != nil {
-		return nil, record, err
-	}
+	// err := va.isReservedIPFunc(targetIP)
+	// if err != nil {
+	// 	return nil, record, err
+	// }
 
 	record.AddressUsed = targetIP