This site will have limited functionality while we undergo maintenance to improve your experience. If an article doesn't solve your issue and you want to ask a question, we have our support community waiting to help you at @FirefoxSupport on Twitter and/r/firefox on Reddit.

Search Support

Avoid support scams. We will never ask you to call or text a phone number or share personal information. Please report suspicious activity using the “Report Abuse” option.

Learn More

Why am I being redirected to https web site

more options

I have a website, now, it does not matter the website name really, but when I goto it, it redirects me to from http: to https:, this is a blank site with a blank index file, this ONLY happens on this one site and ONLY happens in firefox, chrome, IE, edge, etc, all work fine. I have cleared cache, history, everything, uninstalled firefox, resintalled it, etc, it is still redirecting me to HTTPS on this one domain, its a brand new domain I have setup on my hosting, this is obviously a bug with firefox, is there ANY way to stop it from doing this? (I even did the about:config and turned of the url stuff so thats not it) This is firefox 49.01

I have a website, now, it does not matter the website name really, but when I goto it, it redirects me to from http: to https:, this is a blank site with a blank index file, this ONLY happens on this one site and ONLY happens in firefox, chrome, IE, edge, etc, all work fine. I have cleared cache, history, everything, uninstalled firefox, resintalled it, etc, it is still redirecting me to HTTPS on this one domain, its a brand new domain I have setup on my hosting, this is obviously a bug with firefox, is there ANY way to stop it from doing this? (I even did the about:config and turned of the url stuff so thats not it) This is firefox 49.01

Asịsa ahọpụtara

You know what may be faster is:

  • Open the Library dialog to your history, either
    • Ctrl+Shift+h
    • "Show All History"
  • right-click a history entry for the site and "Forget About This Site"

That should removes all data, including cache, history, cookies, bookmarks, AND any saved HSTS flag.

Gụọ azịza a na nghọta 👍 1

All Replies (5)

more options

I assume you are not using HTTPS Everywhere or other extensions which may force HTTPS connections.

Have you ever used any applications on your domain, for example, for administration of the hosting account? If a web application on your domain sent Firefox an HTTP Strict Transport Security (HSTS) header, Firefox will apply that to your site as well as that app.

To check for that:

Open your current Firefox settings (AKA Firefox profile) folder using either

  • "3-bar" menu button > "?" button > Troubleshooting Information
  • (menu bar) Help > Troubleshooting Information
  • type or paste about:support in the address bar and press Enter

In the first table on the page, click the "Show Folder" button. This should launch a new window listing various files and folders in Windows Explorer.

Scroll down in the folder or search for the file SiteSecurityServiceState.txt which would contain any cached instruction to always use a secure connection.

To see whether your site appears in there, you can right-click > Open With, and choose Firefox to view the file (don't make Firefox your default, though, uncheck that box). Alternately, you can right-click > Edit the file, but Notepad will run all the lines together so you'll need to use Search in that case to check for your site.

If necessary, you can exit Firefox and delete that file. Firefox will gradually rebuild it.

more options

Asịsa Ahọpụtara

You know what may be faster is:

  • Open the Library dialog to your history, either
    • Ctrl+Shift+h
    • "Show All History"
  • right-click a history entry for the site and "Forget About This Site"

That should removes all data, including cache, history, cookies, bookmarks, AND any saved HSTS flag.

more options

K, first suggestion didn't help, did the second one, what I was doing was DELETING page instead of hitting forget this page, once I finally did that it seems to have fixed itself, much appreciated!

more options

the solution works, but I wonder why this implementation was selected. I have it on a banking site: the link to the FAQ pages becomes https: and then Firefox refuses access (and does not allow exceptions). This does not happen on the other browsers and the helpdesk signalled me that other users complain about this behaviour, but the helpdesk cannot repeat the problem: because they don't have that same history file setting with HSTS in it. Why is Firefox saving a flag that probably does not exist in the current implementation of the website? Additionally: does "forget all history" (so not just "forget this site") clean this flag?

more options

Hi efsee, HSTS isn't something a handful of installations of Firefox would improvise. If the bank cannot replicate it, perhaps they are not using the site in the same sequence you are. If you encounter the problem again, check your history for all of the various pages you visited on their server and send them the list to see whether that helps them spot the culprit.

Also, what is the error code on the page you're unable to load? If there is an "Advanced" button on the error page, please click that and copy/paste the explanation from there including any code with ERROR in it.

Additionally: does "forget all history" (so not just "forget this site") clean this flag?

I don't think so. It's not a standard category.