diff --git a/lib/modules/Protocols.pmod/HTTP.pmod/module.pmod b/lib/modules/Protocols.pmod/HTTP.pmod/module.pmod
index 1611735e82877128182af0f01cc32477c60ab936..1fe7c3d783da731be5a5b0ea7ced40bd2ded241e 100644
--- a/lib/modules/Protocols.pmod/HTTP.pmod/module.pmod
+++ b/lib/modules/Protocols.pmod/HTTP.pmod/module.pmod
@@ -182,6 +182,11 @@ constant response_codes =
 
     proxy_headers["Proxy-Authorization"] = "Basic "
       + MIME.encode_base64((user || "") + ":" + (password || ""), 1);
+    if (has_value(proxy->host, ":")) {
+      proxy_headers["host"] = "[" + proxy->host + "]:" + proxy->port;
+    } else {
+      proxy_headers["host"] = proxy->host + ":" + proxy->port;
+    }
   }
 
   if (url->scheme == "http") {
@@ -210,7 +215,8 @@ constant response_codes =
       m_delete(proxy_headers, "authorization");	// Keep the proxy in the dark.
       con = do_method("CONNECT", proxy, 0, proxy_headers);
       con->data(0);
-      if (con->status/100 > 2) {
+      if (con->status >= 300) {
+	// Proxy did not like us or failed to connect to the remote.
 	return con;
       }
       con->headers["connection"] = "keep-alive";
@@ -468,6 +474,14 @@ protected void https_proxy_connect_ok(Protocols.HTTP.Query con,
 				      string data)
 {
   con->set_callbacks(@orig_cb_info);
+  if (con->status >= 300) {
+    // Proxy did not like us or failed to connect to the remote.
+    // Return the failure message.
+    if (con->request_ok) {
+      con->request_ok(con, @con->extra_args);
+    }
+    return;
+  }
 
   // Install the timeout handler for the interval until
   // the TLS connection is up.
@@ -554,6 +568,11 @@ void do_async_proxied_method(string|Standards.URI proxy,
 
     proxy_headers["Proxy-Authorization"] = "Basic "
       + MIME.encode_base64((user || "") + ":" + (password || ""), 1);
+    if (has_value(proxy->host, ":")) {
+      proxy_headers["host"] = "[" + proxy->host + "]:" + proxy->port;
+    } else {
+      proxy_headers["host"] = proxy->host + ":" + proxy->port;
+    }
   }
 
   if (url->scheme == "http") {