1. Home
2. Questions
3. AI Assist Labs
4. Tags
6. Challenges
7. Chat
8. Articles
9. Users
11. Jobs
12. Companies
13. Collectives
14. Communities for your favorite technologies. Explore all Collectives
Stack Internal

Stack Overflow for Teams is now called Stack Internal. Bring the best of human thought and AI automation together at your work.
Try for free Learn more
Stack Internal
Bring the best of human thought and AI automation together at your work. Learn more

How to force https in CakePHP without redirect from http?

Ask Question

Asked 10 years, 11 months ago

Modified 9 years, 8 months ago

Viewed 3k times

Part of PHP Collective

1

I want to use https for my CakePHP application.

I found some articles explain how to force https in CakePHP ( http://blog.andolasoft.com/2013/07/ssl-authentication-using-security-component-in-cakephp.html )

But the problem is I'm using load balancer (AWS), so I faced with the problem if I use redirect (redirect loop).

Would anyone have experience with this issue?

How to force https in CakePHP without redirect from http ?

Thanks so much.

asked Dec 9, 2014 at 4:18

Samuel

491 silver badge6 bronze badges

1

Probably gonna be a server setting, not a Cake thing.

Dave
– Dave

2014-12-09 04:32:44 +00:00
Commented Dec 9, 2014 at 4:32
1

"aws load balancer force https" - first result from Google

sjagr
– sjagr

2014-12-09 05:34:35 +00:00
Commented Dec 9, 2014 at 5:34

Add a comment |

1 Answer 1

Sorted by:

2

I use CakePHP 2 on server without https, but with activated cloudflare (with https). So CloudFlare give me https to the end user. This is what I have added to my /app/webroot/index.php to make it work:

function isSSL(){
    if( !empty( $_SERVER['https'] ) )
        return true;
    if( !empty( $_SERVER['HTTP_X_FORWARDED_PROTO'] ) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https' )
        return true;
    return false;
}

define('IS_IN_PRODUCTION', 1);
if( !isSSL() && IS_IN_PRODUCTION > 0){
    header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
    exit();
}

I hope this can help!

edited Apr 6, 2016 at 11:59

answered Feb 29, 2016 at 10:18

Peter Denev

5604 silver badges11 bronze badges

Sign up to request clarification or add additional context in comments.

4 Comments

quangteo.media Over a year ago

is define('IS_IN_PRODUCTION', 0); must be 1 when deploying to production env?

Peter Denev Over a year ago

Yes, IS_IN_PRODUCTION must be 1 to be active.

esjay Over a year ago

This also works in CakePHP 3. All of the other methods I've read about caused a redirect loop on my production host. Thanks!!

esjay Over a year ago

Another option might be to use a separate config file that is required as index.php is not ignored by git by default.

Your Answer

Sign up or log in

Post as a guest

Name

Email

Required, but never shown

Post as a guest

Name

Email

Required, but never shown

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.