1. 技术文章
  2. Laravel: how to force HTTPS?

Laravel: how to force HTTPS?

邮差的信 提交于 2019-11-29 17:58:12

问题


I'm starting to develop a new big app, and I'm using Laravel this time, and it's the first time.

I need to force HTTPS for all pages, it's not important if from code or by .htaccess, but I'm not able to find a simple tutorial.

The official docs dosn't speak about this problem.

For info, my acutal .htaccess is

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>

    RewriteEngine On

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

My question is specific to Laravel 5, because I ve no idea on where and how modify this .htaccess file. And also I'am asking you if this is the right way for Laravel or if Laravel has something specific to setup to handle HTTPs.

So please do not close my question and try to be more adherent to the Laravel specific topic.

If you can post a simple way to modify this file AND/OR What to modify in Laravel config to properly handle https.

But in short yes, I want to force every call to transit on HTTPS.


回答1:


You need adding this to your .htaccess file: 

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://YOURWEBSITEDOMAIN/$1 [R,L]

See this: http://www.inmotionhosting.com/support/website/ssl/how-to-force-https-using-the-htaccess-file




回答2:


Try adding this code in your .htaccess file.

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



回答3:


When you want to Render all URLs with https. The simplest method is use below code in the boot() function of app/Providers/AppServiceProvider.php :

\URL::forceScheme('https');




回答4:


Change your domain in .htaccess by:

RewriteCond %{HTTP_HOST} mydomain.com [NC]

RewriteRule ^(.*)$ https://mydomain/$1 [R,L] 

<IfModule mod_rewrite.c>
  <IfModule mod_negotiation.c>
      Options -MultiViews
  </IfModule>

  RewriteEngine On

  # Added to Force HTTPS
  RewriteCond %{HTTP_HOST} mydomain\.com [NC]
  RewriteCond %{SERVER_PORT} 80
  RewriteRule ^(.*)$ https://mydomain/$1 [R,L]

  # Redirect Trailing Slashes If Not A Folder...
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteRule ^(.*)/$ /$1 [L,R=301]

  # Handle Front Controller...
  RewriteCond %{REQUEST_FILENAME} !-d
  RewriteCond %{REQUEST_FILENAME} !-f
  RewriteRule ^ index.php [L]

  # Handle Authorization Header
  RewriteCond %{HTTP:Authorization} .
  RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>



回答5:


This worked for me

<IfModule mod_rewrite.c>
    RewriteEngine on
    RewriteRule ^(.*)$ public/$1 [L]
    RewriteCond %{HTTPS} !=on
    RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} !^public [L,R=301]
</IfModule>



回答6:


Add this to the boot method in AppServiceProvider

if($this->app->environment('production'))
{
   $this->app['request']->server->set('HTTPS','on');
}



回答7:


You could try searching here first. There's tons of questions for the same issue with answers.

https://stackoverflow.com/a/4399158/5892849

RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]



回答8:


Try changing the "APP_URL" in the .env file from

APP_URL = http://example.com

to

APP_URL = https://example.com



回答9:


This worked for me:

# Check if HTTPS is enabled
#RewriteCond %{HTTPS} ^on$ [NC]
#RewriteCond %{QUERY_STRING} !https-is-on [NC]
#RewriteRule (.*) /?https-is-on [R,L]

# Redirect all HTTP to HTTPS requests
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]

# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]

# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]

# Remove index.php from the url
RewriteCond %{THE_REQUEST} ^GET.*index\.php [NC]
RewriteRule (.*?)index\.php/*(.*) /$1$2 [R=301,NE,L]


来源:https://stackoverflow.com/questions/44006146/laravel-how-to-force-https

标签
laravel
.htaccess
mod-rewrite
https
laravel-5.4
易学教程内所有资源均来自网络或用户发布的内容,如有违反法律规定的内容欢迎反馈
该文章没有解决你所遇到的问题?点击提问,说说你的问题,让更多的人一起探讨吧!