diff --git a/src/wp-admin/includes/class-wp-community-events.php b/src/wp-admin/includes/class-wp-community-events.php
index 7456da574c..2eda6a0834 100644
--- a/src/wp-admin/includes/class-wp-community-events.php
+++ b/src/wp-admin/includes/class-wp-community-events.php
@@ -218,7 +218,7 @@ class WP_Community_Events {
 	 * a proxy. In those cases, $_SERVER['REMOTE_ADDR'] is set to the proxy address rather
 	 * than the user's actual address.
 	 *
-	 * Modified from http://stackoverflow.com/a/2031935/450127, MIT license.
+	 * Modified from https://stackoverflow.com/a/2031935/450127, MIT license.
 	 * Modified from https://github.com/geertw/php-ip-anonymizer, MIT license.
 	 *
 	 * SECURITY WARNING: This function is _NOT_ intended to be used in
diff --git a/src/wp-includes/rest-api/class-wp-rest-request.php b/src/wp-includes/rest-api/class-wp-rest-request.php
index 0f615cb0dc..f9c6317896 100644
--- a/src/wp-includes/rest-api/class-wp-rest-request.php
+++ b/src/wp-includes/rest-api/class-wp-rest-request.php
@@ -169,8 +169,8 @@ class WP_REST_Request implements ArrayAccess {
 	 * Note that we treat `-` (dashes) and `_` (underscores) as the same
 	 * character, as per header parsing rules in both Apache and nginx.
 	 *
-	 * @link http://stackoverflow.com/q/18185366
-	 * @link http://wiki.nginx.org/Pitfalls#Missing_.28disappearing.29_HTTP_headers
+	 * @link https://stackoverflow.com/q/18185366
+	 * @link https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/#missing-disappearing-http-headers
 	 * @link https://nginx.org/en/docs/http/ngx_http_core_module.html#underscores_in_headers
 	 *
 	 * @since 4.4.0