diff --git a/uri.go b/uri.go
index 528e88413a..dff8a2ca53 100644
--- a/uri.go
+++ b/uri.go
@@ -446,6 +446,9 @@ func parseHost(host []byte) ([]byte, error) {
 return append(host1, append(host2, host3...)...), nil
 }
 } else if i := bytes.LastIndexByte(host, ':'); i != -1 {
+ if bytes.IndexByte(host[:i], ':') != -1 {
+ return nil, fmt.Errorf("invalid host %q with multiple port delimiters", host)
+ }
 colonPort := host[i:]
 if !validOptionalPort(colonPort) {
 return nil, fmt.Errorf("invalid port %q after host", colonPort)
diff --git a/uri_test.go b/uri_test.go
index cb2bb3c4ef..ec17dd196f 100644
--- a/uri_test.go
+++ b/uri_test.go
@@ -145,6 +145,27 @@ func TestURIRejectInvalidScheme(t *testing.T) {
 }
 }

+func TestURIRejectMultiplePorts(t *testing.T) {
+ t.Parallel()
+
+ testcases := []string{
+ "http://192.168.1.1:1111:2222/",
+ "http://example.com:80:8080/",
+ }
+
+ for _, raw := range testcases {
+ var u URI
+ if err := u.Parse(nil, []byte(raw)); err == nil {
+ t.Fatalf("expected Parse to fail for %q", raw)
+ }
+ }
+
+ var valid URI
+ if err := valid.Parse(nil, []byte("http://192.168.1.1:1111/")); err != nil {
+ t.Fatalf("unexpected error for valid uri: %v", err)
+ }
+}
+
 func TestURIUpdate(t *testing.T) {
 t.Parallel()
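Review bot: The new guard in the `else if` branch of parseHost has no comment explaining why a second colon is rejected, and the reason is security-relevant. A host such as `example.com:80:8080` can be split into host and port differently by this parser and by a proxy, allow-list or backend that sees the same URI, so the two may disagree on the destination. I would add `// Reject a second ':' outside brackets: the host/port split would be ambiguous between parsers.` above the `if`. The guard also rejects any unbracketed IPv6 literal that reaches this branch, which matches RFC 3986 but is a behaviour change worth naming in the commit message. The rest of parseHost is outside the hunk, so which inputs reach this branch cannot be confirmed from here.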
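Review bot: TestURIRejectMultiplePorts has only one accepted input, an IPv4 host with a port, so a later change that over-rejects colons in other valid hosts would still pass. A bracketed IPv6 case would pin that down, for example the constructed URI `http://[::1]:8080/`, assuming parseHost handles brackets before the colon check (not visible in this diff). Inside the loop, `t.Fatalf` stops at the first wrongly accepted input; `t.Errorf("expected Parse to fail for %q", raw)` would report every failing case in one run.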