426

HTTP 426 Upgrade Required

4xx Client Error

4xx Client Error RFC 7231, Section 6.5.15

What is HTTP 426 Upgrade Required?

The 426 (Upgrade Required) status code indicates that the server refuses to perform the request using the current protocol but might be willing to do so after the client upgrades to a different protocol. The response must include an Upgrade header indicating the required protocol.

Common Use Cases

  • Requiring TLS/HTTPS upgrade
  • Requiring HTTP/2 upgrade
  • Deprecating old protocol versions

Usage Example

When a client sends a request over HTTP to an endpoint that requires HTTPS, respond with 426 Upgrade Required and include Upgrade: TLS/1.2 in the header. The client should re-send the request over HTTPS. This is more informative than a generic redirect.

# Nginx - returning 426 for non-TLS requests
server {
    listen 80;
    server_name api.example.com;
    
    return 426 "Upgrade Required";
    add_header Upgrade TLS/1.2;
    add_header Connection Upgrade;
}

Common Mistakes

⚠️

Mistake: Forgetting the Upgrade header in a 426 response

Fix: A 426 response must include an Upgrade header specifying the required protocol. Without it, the client does not know what protocol to upgrade to.

Last updated: 21 Jun 2026