421 Misdirected Request
The HTTP 421 status code means a server received a request that wasn’t intended for it and is unable or unwilling to handle the request.
Under the HTTP/2 protocol, browsers will try to reuse connections. During the TLS handshake, a server presents a certificate valid for lol.example.com
and yikes.example.com
. The client can reuse the connection and try to connect to yikes.example.com
. If the server doesn’t want or can’t accept the reused connection, it can return the 421 Misdirected Request
response.
This usually happens when multiple websites are hosted on the same server, sharing the same SSL/TLS certificate (wildcard certificate or multiple SANs), and accessible via HTTP/2 protocol.
Some browsers will retry a request after encountering this status code.
You have several options around this problem:
- Using separate servers, IP addresses, and SSL/TLS certificates for each website.
- Using the same configuration for all websites.
- Disabling HTTP/2 support.
- Disabling SSL/TLS session reuse.