Originally reported in #meta-1132.
There is currently no auto-redirect to HTTPS for our local sites like https://de.wordpress.org/. It had worked for a short time because of a change in WP (#27954) to
redirect_canonical() but it got reverted later (#29708). In a chat with @nacin he proposed that this should be handled on our LBs.
We currently have ~145 local sites. Adding all subdomains to a redirect rule isn’t something we want I think. Can we force all subdomains to be HTTPS? AFAIK only api.w.org and planet.w.org would be an exception.