(Low-priority) It looks like https://security.wordpress.org doesn’t act the same as http://security.wordpress.org:
httpHTTP HTTP is an acronym for Hyper Text Transfer Protocol. HTTP is the underlying protocol used by the World Wide Web and this protocol defines how messages are formatted and transmitted, and what actions Web servers and browsers should take in response to various commands.: (note: p2 automatically httpsHTTPS HTTPS is an acronym for Hyper Text Transfer Protocol Secure. HTTPS is the secure version of HTTP, the protocol over which data is sent between your browser and the website that you are connected to. The 'S' at the end of HTTPS stands for 'Secure'. It means all communications between your browser and the website are encrypted. This is especially helpful for protecting sensitive data like banking information.’s the below urls, edit post to see raw)
$ curl -IL https://security.wordpress.org/ | grep Location
Location: https://codex.wordpress.org/FAQ_Security
Location: https://make.wordpress.org/core/handbook/reporting-security-vulnerabilities/
Location: https://make.wordpress.org/core/handbook/testing/reporting-security-vulnerabilities/
https:
- invalid cert (multipattern)
- redirect to default cpanel URLURL A specific web address of a website or web page on the Internet, such as a website’s URL www.wordpress.org
The URL is used as a shorthand in some documentation AFAIK, mentioned to me by @netweb who uses HTTPS Everywhere which triggered this.