Laravel 5 – redirect to HTTPS

by

You can make it works with a Middleware class. Let me give you an idea.

namespace MyApp\Http\Middleware;

use Closure;
use Illuminate\Support\Facades\App;

class HttpsProtocol {

    public function handle($request, Closure $next)
    {
            if (!$request->secure() && App::environment() === 'production') {
                return redirect()->secure($request->getRequestUri());
            }

            return $next($request); 
    }
}

Then, apply this middleware to every request adding setting the rule at Kernel.php file, like so:

protected $middleware = [
    'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode',
    'Illuminate\Cookie\Middleware\EncryptCookies',
    'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
    'Illuminate\Session\Middleware\StartSession',
    'Illuminate\View\Middleware\ShareErrorsFromSession',

    // appending custom middleware 
    'MyApp\Http\Middleware\HttpsProtocol'       

];

At sample above, the middleware will redirect every request to https if:

  1. The current request comes with no secure protocol (http)
  2. If your environment is equals to production. So, just adjust the settings according to your preferences.

Cloudflare

I am using this code in production environment with a WildCard SSL and the code works correctly. If I remove && App::environment() === 'production' and test it in localhost, the redirection also works. So, having or not a installed SSL is not the problem. Looks like you need to keep a very hard attention to your Cloudflare layer in order to get redirected to Https protocol.

Edit 23/03/2015

Thanks to @Adam Link‘s suggestion: it is likely caused by the headers that Cloudflare is passing. CloudFlare likely hits your server via HTTP and passes a X-Forwarded-Proto header that declares it is forwarding a HTTPS request. You need add another line in your Middleware that say…

$request->setTrustedProxies( [ $request->getClientIp() ] );

…to trust the headers CloudFlare is sending. This will stop the redirect loop

Edit 27/09/2016 – Laravel v5.3

Just need to add the middleware class into web group in kernel.php file:

protected $middlewareGroups = [
    'web' => [
        \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,

        // here
        \MyApp\Http\Middleware\HttpsProtocol::class

    ],
];

Remember that web group is applied to every route by default, so you do not need to set web explicitly in routes nor controllers.

Edit 23/08/2018 – Laravel v5.7

  • To redirect a request depending the environment you can use App::environment() === 'production'. For previous version was
    env('APP_ENV') === 'production'.
  • Using \URL::forceScheme('https'); actually does not redirect. It just builds links with https:// once the website is rendered.

More Related Contents:

  1. Laravel: How to Get Current Route Name? (v5 … v7)
  2. Laravel 5.1, Return response to user, then excute some code [closed]
  3. How to set up file permissions for Laravel?
  4. Target class controller does not exist – Laravel 8
  5. Laravel 5 – Remove Public from URL
  6. How Can I Remove “public/index.php” in the URL Generated Laravel?
  7. How to pass data to all views in Laravel 5?
  8. How to query between two dates using Laravel and Eloquent?
  9. Laravel 5 PDOException Could Not Find Driver
  10. How to Get the Query Executed in Laravel 5? DB::getQueryLog() Returning Empty Array
  11. Laravel Model with Two Primary Keys update [duplicate]
  12. Access denied for user ‘homestead’@’localhost’ (using password: YES)
  13. Handling expired token in Laravel
  14. Laravel 5.2 – Use a String as a Custom Primary Key for Eloquent Table becomes 0
  15. Trying to get Laravel 5 email to work
  16. Laravel 5 not finding css files
  17. Access to Laravel 5 app locally from an external device
  18. Script @php artisan package:discover handling the post-autoload-dump event returned with error code 255
  19. How can I paginate a merged collection in Laravel 5?
  20. Laravel 5.4 – Validation with Regex [duplicate]
  21. ReflectionException: Class ClassName does not exist – Laravel
  22. Laravel 5.1: keep uploaded file as old input
  23. How Can I Set the Default Value of a Timestamp Column to the Current Timestamp with Laravel Migrations?
  24. How to get client IP address in Laravel 5+
  25. Prevent Browser’s Back Button Login After Logout in Laravel 5
  26. Laravel – How to get current user in AppServiceProvider
  27. Eloquent Parent-Child relationship on same model
  28. My Laravel 5.2.10 Sessions wont persist
  29. Laravel 5 Clear Views Cache
  30. Optional parameter in the middle of a route

Leave a Comment