ssl error - You're accessing the development server over HTTPS, but it only supports HTTP

coder used Ask the Experts™
Hi Experts

I am working on a wagtail project(like django-cms) I get this error when I run python3 runserver

code 400, message Bad request syntax 
  You're accessing the development server over HTTPS, but it only supports 

Open in new window

I had changed SECURE_SSL_REDIRECT=FALSE and tested it still i get this same error. I had disabled cache in chrome.

 I had deactivated chorme caching in registry  by following steps.
Deactivate Chrome Cache in the Registry

Open Registry (Start -> Command -> Regedit)

Search for: HKEY_CLASSES_ROOT\ChromeHTML\shell\open\command

Change the part after ...chrom.exe" to this value: –disable-application- cache –media-cache-size=1 –disk-cache-size=1 — "%1"

Example: "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" - disable-application-cache –media-cache-size=1 –disk-cache-size=1 — "%1"

I had also tried disable cache from chrome developer tools network -disable cache.

I had also tried by clearing cache from hsts on chrome.

I had also tried from incognito window on chrome. But still I get the same error

It is an Ubuntu machine on AWS(accessed by putty from windows pc).

I access from outside (windows pc - local pc )through http://54.23x.9x.17:8000 I am not able to resolve this error.

I had tried on some other machine.  I got the following error on console for Linux Ubuntu

it is changing to https instead of http and I got "GET / HTTP/1.1" 301 0 on console window

Please help me in resolving this error.

With Many Thanks, Bharath AK
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
This is strange. The error message really seems as if you typed

Open in new window

instead of


Open in new window

Can you open the debug window on your web browser and check (on Firefox for example F12 + click on the network tab and onreload)

Alternatively take any command line tool like curl / wget to simulate a request.
nociSoftware Engineer
Distinguished Expert 2018
not using the https everywhere plugin?
BTW, it is better for all parties to DO use HTTPS.
Cost is marginal, if using LetsEncrypt & Certbot for renewals. Esp. on Linux systems.
@Bharath A.K and noci
Yeah it could be something like an https everywhere plugin or perhaps a permanent redirect which was caught by the browser.
You could try to use another browser or an anonymous browser window or disable all plugins and delete all history for the given server.


regarding HTTP instead of https

the django command
python3 runserver

Open in new window

is normally used to quickly launch a development server with automatic restart on source code change it is intentionally without HTTPS
and listens by default only on localhost for security reasons.
only by explicetely passing it will listen on all interfaces.

@Bharath A.K

I don't know if the developement server contains sensitive data, but what you could do in order to avoid opening an HTTP port on 0.0.0 you could start the development server only on localhost and use ssh with local portforwarding to create a secured tunel between your PC and the remote server.

Alternatively you could hide the development server behind a reverse proxy.
But I don't know all the features / servers that are available on your AWS
OWASP: Avoiding Hacker Tricks

Learn to build secure applications from the mindset of the hacker and avoid being exploited.



Hi Gelonida and Noci,

       I am able to see the application from the browser.  

Steps I had done is do http get from postman for http://54.25x.9x.17:8000,  It was throwing few errors on postman.
Like missing environmental variables like creating facebook-id and providing search path etc.  Once I set the environment variables
It succeeding with 200 ok on postman.  Then I was able to see the application from incognito window on chrome.
Later it started working on normal window and disable cache on network tab with developer tools on chrome.

With Many Thanks,

Bharath AK


Hi All,

Thank you so much,  my thinking was to use only browser to check http calls.  From you suggestions, I realized I can do all http tasks in curl, wget and postman.  Thanks for your ideas.  It is really helpful to me

Kind Regards,

Bharath AK


Hi All,

The following lines of code in is causing the ssl error.  Once I commented the below lines.  the error vanished.  I dont know exactly which line was causing the error. Once I comment this out, ssl error vanished.


With many thanks,

Bharath AK

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial