So, I happen to be faced with this HTTP to HTTPS redirect issue in every other Laravel project am working on and for some reasons, the application does not automatically use the secure shell layer connection SSL mode when a visitor manually uses the non SSL URL to visit the website.
What I will Cover Here
- Suggested Methods in the community to resolve these Laravel issues
- What works for me
- How to use the .htaccess file
- How to resolve the HTTP to HTTPS Redirect in Laravel Application
Methods explored to resolve the HTTPS Redirect Issue in Laravel
On StackOverflow, an answer given suggested the use of a Middleware class and then registering the Middleware in the kennel path of Laravel.
Using APP_ENV and AppServiceProvider
Based on the application mode of the application, you can listen for the project when in production and then within the AppServiceProvider.php file which can be found in app/Providers directory and go to boot method and We will be using UrlGenerator contract for redirection. In UrlGenerator class there is a function forceScheme which accepts argument name of schema i.e HTTPS or HTTP.
public function boot(UrlGenerator $url)
{
if(\App::environment('production')) {
$url->forceScheme('https');
}
}But the bitter truth is for every other project i tried using the above method i was not successful with it and so will not recommend it as a working solution for Laravel 7.
Working Laravel HTTPS Redirect Method
.htaccess Method
Sometimes referred to as the old school method withing the community, happens to always work for me and the simplicity it brings is one thing I love about the solution.
Once you access the .htaccess file within the public directory of your project the below two (2) lines of code works like a charm; to make things more interesting I have used a dynamic label so that the solution works for any of your projects.
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]I will share my entire Laravel configuration for your use case
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
Options +FollowSymLinks -Indexes
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
