SSL: How To Force Redirect HTTP To HTTPS On Laravel

Link Copied To Clipboard !

redirect-http-to-https Help

Using SSL on your website ensures the safe traffic and increases the client’s trust. Without using SSL, many users feel uncomfortable to use any secret credentials as they could be intercepted in between. So, using SSL is not to make website look fancy but to provide secure protocol to users, make it use latest web standards and ensuring encryption for every traffic users make/receive.

For using secure SSL connection, you must first have to have a SSL certificate. You can buy it or get for free somehow but you need to have it to use https connection. Once you have it installed on your server, you can use the https protocol. But you can also use http. Meaning that, users will be able to use both http and https connections and those who use http will not get entirely secure connection. To fix this problem, we can redirect every http traffic to https and serve the users. But how do we do that ?

Before starting, make sure you have enabled mode_rewrite on your server. You can do that by executing following command: sudo a2enmode rewrite && sudo service apache2 restart .

How To Force Redirect HTTP To HTTPS On Laravel

In Laravel, there is an easy way to redirect http traffic to https. It is the best practice and Laravel recommended way as well. So, what you need to do is paste the following code inside boot function of your-project/app/Providers/AppServiceProvider.php

if(env('APP_ENV') == 'production'){
    URL::forceScheme('https');
}

Make sure you have imported URL . Add this line before start of class to import : use Illuminate\Support\Facades\URL; Now, set you url with https in .env file i.e. APP_URL=https://yourdomain.com. Now, if you enter your domain with http, you should get redirected to https. If its not working, make sure to change APP_ENV to production.

How to redirect http to https using virtual host ?

If you are using apache2 and virtual host configuration, you can redirect http traffic to https using some lines on virtual host configuration file. The is the best practice for https redirection and you can use it to any application including laravel as long as it runs on apache server and uses virtual hosts. Use the following code in your virtual host configuration file:

<VirtualHost *:80>
    RewriteEngine On
    RewriteCond %{HTTP:X-Forwarded-Proto} =http
    RewriteRule .* https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]
</VirtualHost>

Now, restart the server using sudo service apache2 restart and all http traffic should get redirected to https. If you do not know how to create virtual host, follow this article:

How To Deploy Laravel Application On AWS EC2 ?

How To Redirect HTTP Traffic To HTTPS Using .htaccess

This is not the best and recommended way but it can work. Use the following lines in your .htaccess file to redirect traffic to https:

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} =http
RewriteRule .* https://%{HTTP:Host}%{REQUEST_URI} [L,R=permanent]

So, that’s it. If you are using apache server, any of the above method should work. If you are trying to force https redirection on Laravel Project, the first approach is the best approach as it does not involve any virtual host or htaccess configuration.


You May Also Like