diff --git a/changelogs/unreleased/add-rails-application-config-hosts.yml b/changelogs/unreleased/add-rails-application-config-hosts.yml
new file mode 100644
index 0000000000000000000000000000000000000000..bfa339a5759d5145f45dea4ba9a15f932618e3df
--- /dev/null
+++ b/changelogs/unreleased/add-rails-application-config-hosts.yml
@@ -0,0 +1,5 @@
+---
+title: Add setting to control Rails.application.config.hosts
+merge_request: 55491
+author:
+type: added
diff --git a/config/gitlab.yml.example b/config/gitlab.yml.example
index 76eef1a81d3639ef057652e7226ea4c4c5c68c07..57ece521301607a4538652a6a352f79f420e479d 100644
--- a/config/gitlab.yml.example
+++ b/config/gitlab.yml.example
@@ -73,6 +73,8 @@ production: &base
         worker_src: "'self' blob:"
         report_uri:
 
+    allowed_hosts: []
+
     # Trusted Proxies
     # Customize if you have GitLab behind a reverse proxy which is running on a different machine.
     # Add the IP address for your reverse proxy to the list, otherwise users will appear signed in from that address.
diff --git a/config/initializers/1_settings.rb b/config/initializers/1_settings.rb
index 151af995ff63e5731b8b57b594fac5a229099fbb..8de8584b7483204c01c94601b954e6d73acccb9b 100644
--- a/config/initializers/1_settings.rb
+++ b/config/initializers/1_settings.rb
@@ -210,6 +210,7 @@
 Settings.gitlab['import_sources'] ||= Gitlab::ImportSources.values
 Settings.gitlab['trusted_proxies'] ||= []
 Settings.gitlab['content_security_policy'] ||= Gitlab::ContentSecurityPolicy::ConfigLoader.default_settings_hash
+Settings.gitlab['allowed_hosts'] ||= []
 Settings.gitlab['no_todos_messages'] ||= YAML.load_file(Rails.root.join('config', 'no_todos_messages.yml'))
 Settings.gitlab['impersonation_enabled'] ||= true if Settings.gitlab['impersonation_enabled'].nil?
 Settings.gitlab['usage_ping_enabled'] = true if Settings.gitlab['usage_ping_enabled'].nil?
diff --git a/config/initializers/rails_host_authorization.rb b/config/initializers/rails_host_authorization.rb
index 7d719dd519f16555c25de818abcad8684292f9e3..22bb6fb7061a7457966de26d868a4954d21325e5 100644
--- a/config/initializers/rails_host_authorization.rb
+++ b/config/initializers/rails_host_authorization.rb
@@ -2,6 +2,11 @@
 
 # This file requires config/initializers/1_settings.rb
 
+if Gitlab.config.gitlab.allowed_hosts.present?
+  Rails.application.config.hosts << Gitlab.config.gitlab.host << 'unix'
+  Rails.application.config.hosts += Gitlab.config.gitlab.allowed_hosts
+end
+
 if Rails.env.development?
   Rails.application.config.hosts += [Gitlab.config.gitlab.host, 'unix', 'host.docker.internal']