diff --git a/config/custom.go b/config/custom.go
index b7930d3d9..788c68f4f 100644
--- a/config/custom.go
+++ b/config/custom.go
@@ -18,6 +18,7 @@ import (
 	"gopkg.in/yaml.v3"
 
 	"github.com/pomerium/pomerium/internal/httputil"
+	"github.com/pomerium/pomerium/internal/urlutil"
 )
 
 // JWTClaimHeaders are headers to add to a request based on IDP claims.
@@ -215,7 +216,7 @@ func ParseWeightedURL(dst string) (*WeightedURL, error) {
 		return nil, err
 	}
 
-	u, err := url.Parse(to)
+	u, err := urlutil.ParseAndValidateURL(to)
 	if err != nil {
 		return nil, fmt.Errorf("%s: %w", to, err)
 	}
diff --git a/internal/urlutil/url.go b/internal/urlutil/url.go
index 722fd8a69..cbec61e3b 100644
--- a/internal/urlutil/url.go
+++ b/internal/urlutil/url.go
@@ -39,6 +39,9 @@ func ParseAndValidateURL(rawurl string) (*url.URL, error) {
 	}
 	u, err := url.Parse(rawurl)
 	if err != nil {
+		if strings.Contains(err.Error(), "first path segment in URL cannot contain colon") {
+			err = fmt.Errorf("%w, have you specified protocol (ex: https)", err)
+		}
 		return nil, err
 	}
 	if err := ValidateURL(u); err != nil {
diff --git a/internal/urlutil/url_test.go b/internal/urlutil/url_test.go
index f8006e955..be0384b2c 100644
--- a/internal/urlutil/url_test.go
+++ b/internal/urlutil/url_test.go
@@ -48,6 +48,7 @@ func TestParseAndValidateURL(t *testing.T) {
 		{"bad hostname", "https://", nil, true},
 		{"bad parse", "https://^", nil, true},
 		{"empty string error", "", nil, true},
+		{"path segment", "192.168.0.1:1234/path", nil, true},
 	}
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {