diff --git a/src/wp-includes/http.php b/src/wp-includes/http.php
index b343bb69f572b..defb13249e3a4 100644
--- a/src/wp-includes/http.php
+++ b/src/wp-includes/http.php
@@ -587,9 +587,24 @@ function wp_http_validate_url( $url ) {
 $parsed_home = parse_url( get_option( 'home' ) );
 $same_host = isset( $parsed_home['host'] ) && strtolower( $parsed_home['host'] ) === strtolower( $parsed_url['host'] );
 $host = trim( $parsed_url['host'], '.' );
+ $is_ipv4 = (bool) preg_match(
+ '#^(([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)\.){3}([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)$#',
+ $host
+ );
 if ( ! $same_host ) {
- if ( preg_match( '#^(([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)\.){3}([1-9]?\d|1\d\d|25[0-5]|2[0-4]\d)$#', $host ) ) {
+ if (
+ ! $is_ipv4
+ && extension_loaded( 'filter' )
+ && ! filter_var(
+ $host,
+ FILTER_VALIDATE_DOMAIN,
+ array( 'flags' => FILTER_FLAG_HOSTNAME )
+ )
+ ) {
+ return false;
+ }
+ if ( $is_ipv4 ) {
 $ip = $host;
 } else {
 $ip = gethostbyname( $host );
diff --git a/tests/phpunit/tests/http/http.php b/tests/phpunit/tests/http/http.php
index 651064dc5674c..e5acd3a518982 100644
--- a/tests/phpunit/tests/http/http.php
+++ b/tests/phpunit/tests/http/http.php
@@ -566,6 +566,9 @@ public function data_wp_http_validate_url_should_not_validate() {
 'url' => 'https://example.com:81/caniload.php',
 'cb_safe_ports' => 'callback_remove_safe_ports',
 ),
+ 'underscore_in_hostname' => array(
+ 'url' => 'https://foo_bar.example.com/',
+ ),
 );
 }
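Review bot: The new hostname check in `wp_http_validate_url()` fails open and nothing in the code says so: it runs only when `extension_loaded( 'filter' )` is true, so on a PHP build without that extension a host that is not a syntactically valid DNS name still reaches `gethostbyname( $host )` exactly as before the change. Because this function gates outbound requests, the added `if (` should carry a comment stating the intent and the gap, e.g. `// Reject hosts that are not valid DNS hostnames before resolving; not enforced when ext/filter is unavailable.` The same comment could note that any host the dotted-quad regex does not classify as IPv4 is treated as a name and resolved, so whatever checks are applied to `$ip` afterwards presumably remain the deciding control for those inputs. That later code, and the start of the function, are outside this hunk.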
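Review bot: The added `underscore_in_hostname` case may not isolate the new check, because before this change `foo_bar.example.com` went to `gethostbyname()` and whether an unresolvable name was already rejected is decided in code outside the hunks. Please confirm the case fails against the unpatched function; otherwise it passes for a DNS reason rather than because of the `FILTER_FLAG_HOSTNAME` validation. The outcome can also depend on the runner, since the new branch is skipped when the filter extension is not loaded. A short comment on the entry, e.g. `// Underscores are not valid in hostnames; rejected before DNS resolution.`, would record what the case is meant to pin. The data provider's body starts outside this hunk.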