Domain is forcing HTTPS automatically when accessing by HTTP

Asked Sep 15 '15 at 09:33

Active Sep 15 '15 at 09:33

Viewed 49 times

I have a project based on Nginx + Node.js. When I'm trying to access it by my domain, it automatically redirects from HTTP to HTTPS and I get a 404 because my deployment is not ready for SSL.

When it tries to get in through HTTPS, the request doesn't even reach Nginx, or at least it doesn't show anything in access log. Because of that, I'm assuming that is the domain who is forcing HTTPS and not the server itself.

Could the domain have some king of header or option enabled for forcing HTTPS automatically?

Thanks!

asked Sep 15 '15 at 09:33

Rubén Jiménez

2

Your question has a one word answer, [yes](https://www.owasp.org/index.php/HTTP_Strict_Transport_Security). – David Schwartz Sep 15 '15 at 09:38
Oh thanks, where do i suppose to disable this header? In my domain provider? – Rubén Jiménez Sep 15 '15 at 09:42
1

First confirm that you're sending it. – David Schwartz Sep 15 '15 at 09:48

Domain is forcing HTTPS automatically when accessing by HTTP

0 Answers0