How to force Laravel Project to use HTTPS for all routes?
I am working on a project that requires a secure connection.
I can set the route, uri, asset to use 'https' via:
Route::get('order/details/{id}', ['uses' => 'OrderController@details', 'as' => 'order.details', 'https']);
url($language.'/index', [], true)
asset('css/bootstrap.min.css', true)
But setting the parameters all the time seems tiring.
Is there a way to force all routes to generate HTTPS links?
Place this in the AppServiceProvider in the boot() method
if($this->app->environment('production')) {
\URL::forceScheme('https');
}
Here are several ways. Choose most convenient.
-
Configure your web server to redirect all non-secure requests to https. Example of a nginx config:
server { listen 80 default_server; listen [::]:80 default_server; server_name example.com www.example.com; return 301 https://example.com$request_uri; } -
Set your environment variable
APP_URLusing https:APP_URL=https://example.com Use helper secure_url() (Laravel5.6)
-
Add following string to AppServiceProvider::boot() method (for version 5.4+):
\Illuminate\Support\Facades\URL::forceScheme('https');
Update:
-
Implicitly setting scheme for route group (Laravel5.6):
Route::group(['scheme' => 'https'], function () { // Route::get(...)->name(...); });
You can set 'url' => 'https://youDomain.com' in config/app.php or you could use a middleware class Laravel 5 - redirect to HTTPS.
I used this at the end of the web.php or api.php file and it worked perfectly:
URL::forceScheme('https');
Using the following code in your .htaccess file automatically redirects visitors to the HTTPS version of your site:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]