I have my main site (turnereison.com) set to be HTTPS, but I want my subdomain (example.turnereison.com) to be HTTP, for a reason I don't want to get into here. Clearing my cache fixes it until I go back to the main site.
curl -I turnereison.com
returns a response that includes the following header:
Strict-Transport-Security: max-age=63072000; includeSubDomains
This HTTP Strict Transport Security header tells the browser to enforce HTTPS for the entire domain name, including any subdomains. Clearing your cache works because it forgets this setting; when you visit turnereison.com
again it becomes enforced again.
You'll want to adjust this header to leave out the includeSubDomains
(although adding HTTPS to the subdomain would be far preferable, and is free with Let's Encrypt). It might be set by a WordPress plugin , or your server configuration somewhere.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.