How to force ssl in codeigniter?
Open config file from location application/config/config.php
and enable or set hooks to true like this:
$config['enable_hooks'] = TRUE;
Then create a new file named hooks.php
inside the config
folder (i.e. application/config/hooks.php) and add the following code in it:$hook['post_controller_constructor'][] = array(
'function' => 'redirect_ssl',
'filename' => 'ssl.php',
'filepath' => 'hooks'
);
Now create a new directory named hooks
inside the application
folder (i.e. application/hooks) and then create a new file named ssl.php
inside the hooks
folder (i.e. application/hooks/ssl.php).Add the following code in the ssl.php
file:
function redirect_ssl() {
$CI =& get_instance();
$class = $CI->router->fetch_class();
$exclude = array('client'); // add more controller name to exclude ssl.
if(!in_array($class,$exclude)) {
// redirecting to ssl.
$CI->config->config['base_url'] = str_replace('http://', 'https://', $CI->config->config['base_url']);
if ($_SERVER['SERVER_PORT'] != 443) redirect($CI->uri->uri_string());
} else {
// redirecting with no ssl.
$CI->config->config['base_url'] = str_replace('https://', 'http://', $CI->config->config['base_url']);
if ($_SERVER['SERVER_PORT'] == 443) redirect($CI->uri->uri_string());
}
}
How to redirect http to https in codeigniter
Now I got a solution,
I updated my htaccess file.--
RewriteEngine On
RewriteCond %{HTTPS} off [OR]
RewriteCond %{HTTP_HOST} !^www\. [OR]
RewriteCond %{HTTP_HOST} ^myhost\.com$ [NC]
RewriteRule ^ https://www.myhost.com%{REQUEST_URI} [R=301,L,NE]
RewriteCond %{THE_REQUEST} ^[A-Z]+\ /index\.php(/[^\ ]*)?\ HTTP/
RewriteRule ^index\.php(/(.*))?$ myhost.com/$2 [R=301,L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php/$1 [L]
Now, It worked for me smoothly.. :) HTTPS .htaccess on Codeigniter How to Force SSL?
This can all be done solely through the .htaccess file. You need to check the %{HTTPS}
variable. Altering the .htaccess you provided, here is how you would redirect to https :
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/(favicon\.ico|apple-touch-icon.*\.png)$ [NC]
RewriteRule (.+) index.php?p=$1 [QSA,L]
</IfModule>
If you need to redirect to www.
as well, do that redirect first like so :<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{HTTP_HOST} !^www\. [NC]
RewriteRule (.*) https://www.%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} !^/(favicon\.ico|apple-touch-icon.*\.png)$ [NC]
RewriteRule (.+) index.php?p=$1 [QSA,L]
</IfModule>
Note : Only use RewriteBase /
if codeigniter is installed at the root directory of the domain.Also, one thing that is interesting about your existing .htaccess file is RewriteRule (.+) index.php?p=$1 [QSA,L]
. I've usually seen it setup as RewriteRule ^(.*)$ index.php?/$1 [L,QSA]
. I haven't seen the p=$1
portion before. However, if it's working that way don't mess with it.
Force https://www. for Codeigniter in htaccess with mod_rewrite
I think, instead of
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
you should have something likeRewriteRule ^.*$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
do have the rewrite rule match. Your link is currently produced by the third rule. codeigniter, force ssl on a particular page
You need add Condition on .htaccess
to make use SSL port work only for selected urls.
Here is example, how to do
RewriteEngine on
RewriteCond %{SERVER_PORT} 80
RewriteCond %{REQUEST_URI} controller/function
RewriteRule ^(.*)$ https://www.yourdomain.com/controller/function[R=301,L]
RewriteCond %{SERVER_PORT} 443
RewriteCond %{REQUEST_URI} controller/function
RewriteRule ^(.*)$ https://www.yourdomain.com/controller/function[R=301,L]
RewriteCond $1 !^(index\.php|images|robots\.txt)
RewriteRule ^(.*)$ index.php/$1 [L]
P.S : Your base_url
must be set to “/”
in your config file.For more information check http://codeigniter.com/wiki/SSL_Handling
forcing Codeigniter HMVC to use SSL
Because you say,
I assume you are not using a shared server from a hosting provider and so you have complete access to Apache's configuration files. If that is true then you should not use .htaccess files. Read THIS and THIS to learn why.my webserver is an ubuntu 16 machine
I also assume you have a set of Apache "sites-available" files that define <VirtualHost>
configs. It is inside those <VirtualHost>
blocks where you should be placing the code you currently have in .htaccess.
To redirect all http requests to https try this as the contents of the "default" site in a "sites-available" configuration file e.g. "000-default.conf"
<VirtualHost *:80>
ServerName www.example.com
ServerAlias example.com
RedirectMatch 301 (.*) https://www.example.com$1
</VirtualHost>
What this will do is take any http request and immediately redirect to the https: URL. If you are using some other port besides the typical :80, adjust accordingly.As mentioned, you can do the rewriting in a VirtualHost. Here's an example for the https: config file (maybe named along the lines of "020-example-443.conf")
<VirtualHost *:443>
ServerName www.example.com
ServerAlias example.com
DocumentRoot /var/www/whatever
ServerAdmin web-boss@example.com
<Directory /var/www/whatever>
DirectoryIndex index.php
Options -Indexes +FollowSymLinks
AllowOverride All
Require all granted
RewriteEngine on
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [PT]
</Directory>
# SSL Engine Switch:
# Enable/Disable SSL for this virtual host.
SSLEngine on
# Certificates delivered by certbot - your's maybe elsewhere
SSLCertificateFile /etc/letsencrypt/live/yoursite/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/yoursite/privkey.pem
#SSLOptions +FakeBasicAuth +ExportCertData +StrictRequire
<FilesMatch "\.(cgi|shtml|phtml|php)$">
SSLOptions +StdEnvVars
</FilesMatch>
<Directory /usr/lib/cgi-bin>
SSLOptions +StdEnvVars
</Directory>
</VirtualHost>
With these in place, you won't have to do anything special in CodeIgniter except, as you already do, use the following$config['base_url'] = 'https://www.example.com/';
How can I have CodeIgniter load specific pages using SSL?
There are few ways to tackle this.
Option 1:
I would probably have the code deployed to both folders, then in the file: /system/application/config/config.php, set your page to:
$config['base_url'] = "http://www.yoursite.com/";
or$config['base_url'] = "https://www.yoursite.com/";
Then in your non-ssl VirtualHost folder, set your config to redirect protected pages by folder to the SSL site:RedirectPermanent /sslfolder https://www.yoursite.com/sslfolder
Option 2:Send everything to SSL and keep all your code in one folder
/system/application/config/config.php, set your page to:
$config['base_url'] = "https://www.yoursite.com/";
Other OptionsThere are some more hacky ways to do this with header() redirects, etc. but I don't think you want to maintain different code bases for this option. I don't recommend this but you could do something like:
$config['base_url'] = “http://” . $_SERVER['http_host'] . “/”;
Forcing SSL in codeigniter with a helper
I answered a similar question here: https://stackoverflow.com/questions/1500527/how-to-use-ssl-with-codeigniter/1500558#1500558
But, in a nutshell:
<IfModule mod_rewrite.c>
RewriteEngine On
RedirectPermanent /sslfolder https://www.yoursite.com/sslfolder
</IfModule>
Related Topics
Storing Leading Zeros of Integers in MySQL Database as Integer
Measure the Pronounceability of a Word
Encoding Byte Data into Digits
Remove "(Optional)" Text from Checkout Fields in Woocommerce 3.4+
PHP Displaying Unread Mail Count
Pdo Prepared Statements for Insert and on Duplicate Key Update with Named Placeholders
How to Create a PHP Function That I Can Call Without Parentheses
Get the Get Variables from a Url String
Php: Move_Uploaded_File() Failed to Open Stream: No Such File or Directory
Upload File Using Guzzle 6 to API Endpoint
Laravel: How to Use Multiple Pivot Table Relationships
How to Get Content of Remote HTML Page
PHP MySQL Charset Utf8 Problems