CodeIgniter Forums
HTTPS - Printable Version

+- CodeIgniter Forums (https://forum.codeigniter.com)
+-- Forum: Using CodeIgniter (https://forum.codeigniter.com/forumdisplay.php?fid=5)
+--- Forum: General Help (https://forum.codeigniter.com/forumdisplay.php?fid=24)
+--- Thread: HTTPS (/showthread.php?tid=71657)



HTTPS - ignitedcms - 09-10-2018

Hi Guys,

What's the best practice to setup https on codeigniter 3.0.x.

Any information / links would be great.

Regards,

IgnitedCMS


RE: HTTPS - Pertti - 09-10-2018

If you mean how to create certificates on server, it varies, depending on your hosting provider and server package. Also, some hosting companies auto-cert their accounts, so you wouldn't have to do anything extra, except handle $config['base_url'] dynamically.


RE: HTTPS - ignitedcms - 09-10-2018

Thank you for replying no I don't mean creating certificates, I mean specifically with codeigniter, do you just change the baseurl to https?

I don't know, I've never tried it.

And do I need to change the htaccess file?


RE: HTTPS - php_rocs - 09-10-2018

@ignitedcms,

Check with your host provider to see if they have cert's (if you want to purchase). Also, I know that there are free certificates too ( https://letsencrypt.org/ ).

Install it on your server then simply set your config variable $config['base_url'] to https://


RE: HTTPS - ignitedcms - 09-10-2018

(09-10-2018, 12:39 PM)php_rocs Wrote: @ignitedcms,

Check with your host provider to see if they have cert's (if you want to purchase). Also, I know that there are free certificates too ( https://letsencrypt.org/ ).

Install it on your server then simply set your config variable $config['base_url'] to https://

Thank you, I am using letsencrypt on plesk, however, do I need to change the htaccess file for all pages on my site and if so what?


RE: HTTPS - php_rocs - 09-10-2018

@ignitedcms,

You should not have to change the htaccess file unless you customized it. The purpose of the cert is to encrypt the data going between the server and the user. Your privileges should not be affected.


RE: HTTPS - ignitedcms - 09-10-2018

(09-10-2018, 01:19 PM)php_rocs Wrote: @ignitedcms,

You should not have to change the htaccess file unless you customized it.  The purpose of the cert is to encrypt the data going between the server and the user.  Your privileges should not be affected.

Thank you for the explanation it is much clearer now, I also found this link to redirect any traffic coming from regular http links.

https://stackoverflow.com/questions/42625147/how-to-force-ssl-in-codeigniter


RE: HTTPS - Pertti - 09-10-2018

Got it. This is what I use on one of the most recent sites:
PHP Code:
if (isset($_SERVER['HTTP_HOST'])) {
    
$config['base_url'] = (isset($_SERVER['HTTPS']) ? "https://" "http://") . $_SERVER['HTTP_HOST'] . '/';
} else {
    
// CLI tool
    
$config['base_url'] = '';


Not sure if it works on all configurations, but I get by on my local XAMPP and production server.

I guess long term it's not the most elegant solution, because it has to do a check and calculation for every request and it would be much better to just say base_url = X, but it works and probably doesn't affect the loads speed overall that much.


RE: HTTPS - ecampait - 09-10-2018

I use it

PHP Code:
/*
|--------------------------------------------------------------------------
| Base Site URL
|--------------------------------------------------------------------------
|
*/
// Possible hosts locally. You can add some if needed.
$config['host_dev'] = array('localhost''127.0.0.1''::1');

// Fill in the file of your project here when you develop locally.
$host_dev 'CI-AdminLTE';

// Fill in the domain name here when your project is online.
// Example : www.johndoe.com
//           johndoe.com
$host_prod 'your_domain.tld';

// WARNING: Do not modify the lines below
$domain = (in_array($_SERVER['HTTP_HOST'], $config['host_dev'], TRUE)) ? $_SERVER['HTTP_HOST'] . '/' $host_dev $host_prod;

$config['base_url'] = ( ! empty($_SERVER['HTTPS'])) ? 'https://' $domain 'http://' $domain