Status Code
426 Upgrade Required
The server refuses to perform the request using the current protocol and requires the client to upgrade to a different protocol.
TL;DR: Server refuses the request using current protocol and requires upgrade (like HTTP to HTTPS). Check the Upgrade header and switch to the required protocol.
What is 426 Upgrade Required?
A 426 Upgrade Required status code means the server refuses to perform the request using the current protocol but will accept it if the client upgrades to a different protocol specified in the Upgrade header.
Think of it like a bouncer saying “You can’t enter in casual clothes, but if you change into formal attire, come back and I’ll let you in.”
When Does This Happen?
Common scenarios:
1. Force HTTPS
Client uses HTTP
Server requires HTTPS2. WebSocket Required
Client makes regular HTTP request
Server requires WebSocket upgrade3. HTTP/2 Required
Client uses HTTP/1.1
Server requires HTTP/2Example Response
HTTP/1.1 426 Upgrade Required
Upgrade: HTTP/2.0
Connection: Upgrade
The server requires that this request be made over HTTP/2.
```text
## Implementation
```javascript
app.get('/websocket-only', (req, res) => {
if (req.headers.upgrade !== 'websocket') {
return res
.status(426)
.set('Upgrade', 'websocket')
.set('Connection', 'Upgrade')
.send('WebSocket upgrade required')
}
// Handle WebSocket upgrade...
})Related Status Codes
- 101 Switching Protocols - Successful protocol upgrade
- 400 Bad Request - Malformed request
- 505 HTTP Version Not Supported - Unsupported HTTP version
426 in Practice: WebSocket and Protocol Upgrades
The most common real-world use of 426 is in WebSocket servers that want to reject plain HTTP requests on the WebSocket endpoint. When a client sends a regular GET request to a WebSocket URL without the Upgrade: websocket header, the server can respond with 426 and Upgrade: websocket to signal that the endpoint only accepts WebSocket connections.
For HTTPS enforcement, 426 is technically correct but rarely used in practice. Most servers prefer a 301 redirect to the HTTPS URL because browsers handle redirects automatically, while 426 requires the client to understand the Upgrade header and initiate a new connection with the correct protocol. A 301 redirect works with every browser and HTTP client without any special handling.
The Upgrade response header is required with 426 and must specify the protocol the server requires. For WebSocket upgrades, this is Upgrade: websocket. For HTTP/2 upgrades over cleartext (h2c), it would be Upgrade: h2c. The Connection: Upgrade header should also be included to indicate that the Upgrade header is hop-by-hop and applies to the current connection only.
From a client perspective, receiving a 426 means you need to re-establish the connection using a different protocol. Unlike 301 redirects, there is no automatic handling in browsers or most HTTP libraries. Your code must explicitly check for 426, read the Upgrade header to determine the required protocol, and then initiate a new connection using that protocol.
Frequently Asked Questions
What does 426 Upgrade Required mean?
A 426 error means the server refuses to process the request using the current protocol and requires the client to upgrade. The Upgrade header specifies which protocol to use.
When is 426 Upgrade Required used?
It is used when a server requires a newer protocol version, TLS encryption, or WebSocket upgrade. The server tells the client which protocol is required via the Upgrade header.
How do I fix a 426 error?
Check the Upgrade header in the response to see which protocol is required. Switch to HTTPS if TLS is required, or upgrade your HTTP client to support the required protocol version.
What is the difference between 426 and 301 for HTTPS?
426 tells the client to upgrade the protocol. 301 redirects to a new URL. For HTTPS enforcement, 301 redirect to https:// is more common than 426 because it works with all browsers.