Last Update - 27 May 2020

How to force redirect HTTP to HTTPS in Laravel 7.x and 6.x and more

Hey friend, are you facing an issue of not secure a URL. Then don't worry this the best solution of How to force redirect HTTP to HTTPS in Laravel 7.x and 6.x and more upcoming Laravel versions.

How do I redirect to https?

There are several methods of enabling an Apache redirect HTTP to HTTPS

  1. Enable the redirect in the Virtual Host file for the necessary domain.
  2. Enable it in the .htaccess file (previously created in the webroot folder).
  3. Use the mod_rewrite rule in the Virtual Host file.
  4. Use it in the .htaccess file to force HTTPS.

Read this also: How to Clear cache in Laravel

How do I redirect http to htaccess https?

Redirecting HTTP to HTTPS is easy with .htaccess file, but this is not a proper way to do this in the Laravel framework.

  1. Redirect All Web Traffic. If you have existing code in your .htaccess, add the following:
RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.yourdomain.com/$1 [R,L]
  1. Redirect Only a Specific Domain.
  2. Redirect Only a Specific Folder.

How do I redirect in Laravel?

You can make it works with a Middleware class. Let me give you an idea. Here, we have to create Middleware, So simple create middleware on following path and then you have to register that middleware in Kernel.php file.

Read this also: How to install Laravel on windows using wamp

So let's just follow these steps:

Create HttpsProtocol Middleware

Now we have to create "HttpsProtocol" middleware and we will write code of redirect http to https link. So here i written code for redirect and make only for production server. So let's create middleware.

Checkout This link for

You path: app/Http/Middleware/HttpsProtocol.php

<?php
namespace App\Http\Middleware;

use Closure;

class HttpsProtocol {

    public function handle($request, Closure $next)
    {
            if (!$request->secure()) {
               return redirect()->secure($request->getRequestUri());
            }

            return $next($request); 
    }
}
?>

Next we have to register this middleware in Kernel.php file as bellow following code.

You path for Kernel: app/Http/Kernel.php

You just need to add this line in the middlewareGroups section.

\App\Http\Middleware\HttpsProtocol::class,

Look at the complete file of kernel.php

<?php

namespace App\Http;

use Illuminate\Foundation\Http\Kernel as HttpKernel;

class Kernel extends HttpKernel
{
    /**
     * The application's global HTTP middleware stack.
     *
     * These middleware are run during every request to your application.
     *
     * @var array
     */
    protected $middleware = [
        \App\Http\Middleware\TrustProxies::class,
        \App\Http\Middleware\CheckForMaintenanceMode::class,
        \Illuminate\Foundation\Http\Middleware\ValidatePostSize::class,
        \App\Http\Middleware\TrimStrings::class,
        \Illuminate\Foundation\Http\Middleware\ConvertEmptyStringsToNull::class,
    ];

    /**
     * The application's route middleware groups.
     *
     * @var array
     */
    protected $middlewareGroups = [
        'web' => [
            \App\Http\Middleware\EncryptCookies::class,
            \Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse::class,
            \Illuminate\Session\Middleware\StartSession::class,
            // \Illuminate\Session\Middleware\AuthenticateSession::class,
            \Illuminate\View\Middleware\ShareErrorsFromSession::class,
            \App\Http\Middleware\VerifyCsrfToken::class,
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
            \App\Http\Middleware\HttpsProtocol::class,
        ],

        'api' => [
            'throttle:60,1',
            \Illuminate\Routing\Middleware\SubstituteBindings::class,
        ],
    ];

    /**
     * The application's route middleware.
     *
     * These middleware may be assigned to groups or used individually.
     *
     * @var array
     */
    protected $routeMiddleware = [
        'auth' => \App\Http\Middleware\Authenticate::class,
        'auth.basic' => \Illuminate\Auth\Middleware\AuthenticateWithBasicAuth::class,
        'bindings' => \Illuminate\Routing\Middleware\SubstituteBindings::class,
        'cache.headers' => \Illuminate\Http\Middleware\SetCacheHeaders::class,
        'can' => \Illuminate\Auth\Middleware\Authorize::class,
        'guest' => \App\Http\Middleware\RedirectIfAuthenticated::class,
        'password.confirm' => \Illuminate\Auth\Middleware\RequirePassword::class,
        'signed' => \Illuminate\Routing\Middleware\ValidateSignature::class,
        'throttle' => \Illuminate\Routing\Middleware\ThrottleRequests::class,
        'verified' => \Illuminate\Auth\Middleware\EnsureEmailIsVerified::class,
		'role' => \App\Http\Middleware\Role::class,
		'superadmin' => \App\Http\Middleware\Superadmin::class
    ];

    /**
     * The priority-sorted list of middleware.
     *
     * This forces non-global middleware to always be in the given order.
     *
     * @var array
     */
    protected $middlewarePriority = [
        \Illuminate\Session\Middleware\StartSession::class,
        \Illuminate\View\Middleware\ShareErrorsFromSession::class,
        \App\Http\Middleware\Authenticate::class,
        \Illuminate\Routing\Middleware\ThrottleRequests::class,
        \Illuminate\Session\Middleware\AuthenticateSession::class,
        \Illuminate\Routing\Middleware\SubstituteBindings::class,
        \Illuminate\Auth\Middleware\Authorize::class,
    ];
}

I hope you found your best solution. Thank you for reading this.

Did you find this page helpful? X