How to force Laravel Project to use HTTPS for all routes? - (Laravel force https)

How to force Laravel Project to use HTTPS for all routes? - (Laravel force https)

Hey friend, are you facing an issue of not secure a URL. Then don't worry about this, the best solution of How to force Laravel redirect HTTP to HTTPS in Laravel 8.x, 9.x and 10.x and more upcoming Laravel versions.

How do I redirect to https?

There are several methods of enabling an Apache redirect HTTP to HTTPS. Let's checkout how to force https. HTTPS is very important for SEO.

  1. Enable the redirect in the Virtual Host file for the necessary domain.
  2. Enable it in the .htaccess file (previously created in the webroot folder).
  3. Use the mod_rewrite rule in the Virtual Host file.
  4. Use it in the .htaccess file to force HTTPS.

Read this also: How to Clear cache in Laravel

Laravel 9 force https

How do I redirect http to htaccess https?

Redirecting HTTP to HTTPS is easy with the .htaccess file, but this is not a proper way to do this in the Laravel framework.

Loading...
  1. Redirect All Web Traffic. If you have existing code in your .htaccess, add the following:
RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]
  1. Redirect Only a Specific Domain.
  2. Redirect Only a Specific Folder.

How do I redirect in Laravel http to https?

You can make it works with a Middleware class. Let me give you an idea. Here, we have to create Middleware, So simple create middleware on the following path, and then you have to register that middleware in the Kernel.php file.

Read this also: How to install Laravel on windows using wamp

So let's just follow these steps:

Create Https Protocol Middleware

Now we have to create "HttpsProtocol" middleware and we will write code to redirect HTTP to the force https link. So here I have written code for redirect and make only for the production server. So let's create middleware.

Checkout This link for

Loading...

You path: app/Http/Middleware/HttpsProtocol.php

<?php
namespace App\Http\Middleware;

use Closure;

class HttpsProtocol {

    public function handle($request, Closure $next)
    {
            if (!$request->secure()) {
               return redirect()->secure($request->getRequestUri());
            }

            return $next($request); 
    }
}
?>

Next we have to register this middleware in Kernel.php file as bellow following code.

You path for Kernel: app/Http/Kernel.php

You just need to add this line in the middleware Groups section.

\App\Http\Middleware\HttpsProtocol::class,

Look at the complete file of kernel.php

Loading...
<?php

namespace App\Http;

use Illuminate\Foundation\Http\Kernel as HttpKernel;

class Kernel extends HttpKernel
{
    /**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array
     */
    protected $middleware = [
        \App\Http\Middleware\TrustProxies::class,
        \App\Http\Middleware\CheckForMaintenanceMode::class,
        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
        \App\Http\Middleware\TrimStrings::class,
        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
    ];

    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            // \Illuminate\Session\Middleware\AuthenticateSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
            \App\Http\Middleware\HttpsProtocol::class,
        ],

        'api' => [
            'throttle:60,1',
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
    ];

    /**
     * The application's route middleware.
     *
     * These middleware may be assigned to groups or used individually.
     *
     * @var array
     */
    protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
        'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
		'role' => \App\Http\Middleware\Role::class,
		'superadmin' => \App\Http\Middleware\Superadmin::class
    ];

    /**
     * The priority-sorted list of middleware.
     *
     * This forces non-global middleware to always be in the given order.
     *
     * @var array
     */
    protected $middlewarePriority = [
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\Authenticate::class,
        \Illuminate\Routing\Middleware\ThrottleRequests::class,
        \Illuminate\Session\Middleware\AuthenticateSession::class,
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
        \Illuminate\Auth\Middleware\Authorize::class,
    ];
}

I hope you found your best solution. Thank you for reading this.

Related posts

Write a comment