diff --git a/packages/server/src/cli.ts b/packages/server/src/cli.ts
index 64f51a41..c7b5d14b 100644
--- a/packages/server/src/cli.ts
+++ b/packages/server/src/cli.ts
@@ -25,6 +25,7 @@ export class Entry extends Command {
 		port: flags.integer({ char: "p", default: 8443, description: "Port to bind on" }),
 		version: flags.version({ char: "v" }),
 		"no-auth": flags.boolean({ default: false }),
+		"allow-http": flags.boolean({ default: false }),
 
 		// Dev flags
 		"bootstrap-fork": flags.string({ hidden: true }),
@@ -134,6 +135,7 @@ export class Entry extends Command {
 		const password = "023450wf0951";
 		const hasCustomHttps = certData && certKeyData;
 		const app = await createApp({
+			allowHttp: flags["allow-http"],
 			bypassAuth: flags["no-auth"],
 			registerMiddleware: (app): void => {
 				app.use((req, res, next) => {
diff --git a/packages/server/src/server.ts b/packages/server/src/server.ts
index ece7c654..a30dcc98 100644
--- a/packages/server/src/server.ts
+++ b/packages/server/src/server.ts
@@ -26,6 +26,7 @@ interface CreateAppOptions {
 	serverOptions?: ServerOptions;
 	password?: string;
 	httpsOptions?: https.ServerOptions;
+	allowHttp?: boolean;
 	bypassAuth?: boolean;
 }
 
@@ -187,7 +188,7 @@ export const createApp = async (options: CreateAppOptions): Promise<{
 	const authStaticFunc = expressStaticGzip(path.join(baseDir, "build/web/auth"));
 	const unauthStaticFunc = expressStaticGzip(path.join(baseDir, "build/web/unauth"));
 	app.use((req, res, next) => {
-		if (!isEncrypted(req.socket)) {
+		if (!isEncrypted(req.socket) && !options.allowHttp) {
 			return res.redirect(301, `https://${req.headers.host!}${req.path}`);
 		}