Beamtic's logo

Share via:

Solution to 1408F10B - ssl3_get_record: wrong version number

This problem can either happen when you have listed the external domain name in your host file, or when using a proxy server to connect to the website.


Edited: 2020-08-13 12:25

error:1408F10B:SSL routines:ssl3_get_record:wrong version number

I recently wanted to send some HTTP requests to my own website, to check if I had broken URLs, but I was unable to use both cURL and PHP's file_get_content to send the requests, as it would result in this strange looking error message.

I even attempted to send a HTTP test-request from cURL in the terminal to see if the error was specific to PHP or if it also happened from the command line; the problem occurred from both places, so at this point I wondered if something was wrong in my host file.

When I opened the host file, I found that I had accidentally placed the website external domain name in there, and associated it with the local IP address. This meant that whenever a HTTP request was sent to the website from the server, it would instead go through the local IP, which was what triggered this strange SSL error. The problem was resolved when I removed the domain from the host file.

It seems this problem may also be caused by using a proxy server to access a website, although I have not really experienced this myself, since I never use proxy servers.

Servers sending HTTP requests to themselves

If you want to check if pages on your domain are still available, it can be useful to send a HEAD request to the page over HTTP; if then the server responds with a 200 status code, it will indicate that the page does exist. This is assuming that the server is configured correctly, and that the CMS does not have a flawed or bugged implementation.

But, please note that this is not the most efficient way to do it. You might also need to add a sleep time in microseconds if you got rate-limiting configured — in order not to get misleading responses or get yourself blocked.

For pages that are loaded from your database, you should instead consider querying the database to see if a given page exist; sending HTTP requests is only useful for static files, and if you got a lot of URLs to check, it might take several hours to get through them all. It also messes with your statistics and your log files, if you do not take necessary preconditions.


  1. HTTP headers are not case-sensitive, so we are free to convert them to all-lowercase in our applications.
  2. In-app browsers do some things a little differently than normal browsers, and that might result in 500 errors on your server, among other interesting things.
  3. Short explanation of the HTTP range header.
  4. Learn why 403 is the most suitable status code for failed log in attempts.
  5. How to block unused URL parameters (non-existent) in PHP web applications.

More in: Web development