Title: requests to the 404 page from http to https Last modified: July 25, 2025 --- # requests to the 404 page from http to https * [andronasis](https://wordpress.org/support/users/andronasis/) * (@andronasis) * [10 months, 3 weeks ago](https://wordpress.org/support/topic/requests-to-the-404-page-from-http-to-https/) * Maybe someone knows! I have installed a plugin that allows you to show who visited the 404 page. And now it shows that http requests are being sent to https. And these requests arrive on the 404 https page of the website. Requests of this kind (/update/admin.php/wp-content/plugins/wp-help//about.php/wp-content/themes/ aahana/json.php/wp-content/themes/pridmag/db.php/function/admin.php) * Can you tell me if this is necessary or not? If not, how can I fix it? Viewing 4 replies - 1 through 4 (of 4 total) * [Mohammad Shoeb Ansari](https://wordpress.org/support/users/lovemarshall/) * (@lovemarshall) * [10 months, 2 weeks ago](https://wordpress.org/support/topic/requests-to-the-404-page-from-http-to-https/#post-18571470) * These paths are likely malicious bot probes and not legitimate traffic which are aimed to exploit vulnerabilities on your website. * We see these patterns in hundreds on our sites and can block these. However, the nature and path keep changing and is hard to track. The best remedy is to keep the sites up to date. * Moderator [bcworkz](https://wordpress.org/support/users/bcworkz/) * (@bcworkz) * [10 months, 2 weeks ago](https://wordpress.org/support/topic/requests-to-the-404-page-from-http-to-https/#post-18571481) * Usually the HTTP to HTTPS redirect happens before WP ever gets the request, so there’s no way for WP to track which were initially HTTP requests. The redirect is typically by .htaccess directives. * Unless you have a specific need to track HTTP only, I don’t see why differentiation would be necessary. * Moderator [threadi](https://wordpress.org/support/users/threadi/) * (@threadi) * [10 months, 2 weeks ago](https://wordpress.org/support/topic/requests-to-the-404-page-from-http-to-https/#post-18571487) * Unfortunately, I don’t know which plugin you are referring to. However, the list of URLs you mentioned suggests that it also records bot access to non-existent URLs. These are also 404 errors, but they are also potential attack attempts because they try to find out whether the URLs exist on your site in order to exploit a security vulnerability in a second step. For example, by accessing a plugin directory of a plugin that has known security vulnerabilities. * You can never rule out this type of access. It exists and you will see it again and again. It may help to secure access before it reaches WordPress. Cloudflare or security tools from your host could help – but they could also cause other problems. * I would recommend simply ignoring it. If you are looking for other options, contact the support team for the plugin you are using that is displaying this list. * Thread Starter [andronasis](https://wordpress.org/support/users/andronasis/) * (@andronasis) * [10 months, 2 weeks ago](https://wordpress.org/support/topic/requests-to-the-404-page-from-http-to-https/#post-18572857) * Thanks Viewing 4 replies - 1 through 4 (of 4 total) The topic ‘requests to the 404 page from http to https’ is closed to new replies. ## Tags * [bots](https://wordpress.org/support/topic-tag/bots/) * In: [Fixing WordPress](https://wordpress.org/support/forum/how-to-and-troubleshooting/) * 6 replies * 4 participants * Last reply from: [andronasis](https://wordpress.org/support/users/andronasis/) * Last activity: [10 months, 2 weeks ago](https://wordpress.org/support/topic/requests-to-the-404-page-from-http-to-https/#post-18572857) * Status: not resolved ## Topics ### Topics with no replies ### Non-support topics ### Resolved topics ### Unresolved topics ### All topics