The browser does not automatically substitute https in the site address. When entering a site address without http/https, the browser substitutes http. How to be?

S

Stanislav Zinenko2020-11-12 14:39:57

Browsers

Stanislav Zinenko, 2020-11-12 14:39:57

Registered a domain. Installed on hosting. Got an SSL certificate. Hosting installed it. When you enter the site address with https://, everything opens fine. There are no warnings. Works. If you write the site address in the browser without the https:// prefix , the browser automatically substitutes the http:// prefix in the address and, accordingly, a warning appears that the site is unsafe.
How to deal with it?
I haven't registered in search engines yet. But as far as I remember, the browser should immediately check the ability to connect via https and connect through it.

Reply

Answer the question

In order to leave comments, you need to log in

2 answer(s)

A

Andrey Gavrilov, 2020-11-12
@thexaver

Nope, only if you enable hsts and hstspreload then the browser will take the ssl certificate. For you, redirect from http to https and do hsts and hstspreload

S

Sand, 2020-11-12
@sand3001

The browser does not automatically switch http to https, for this it needs to receive the appropriate header from the web server. Typically a "redirect 301" header is used from http to https. You can implement this redirect both by the program code of your site (for example, use header('HTTP/1.1 301 Moved Permanently') in php), or by setting up a web server - this is a question for hosting, depending on which server is used there.