CodeIgniter Forums

Full Version: Codeigniter HTTPS (SSL) What is the "Best Practice"?
You're currently viewing a stripped down version of our content. View the full version with proper formatting.
I have a Codeigniter application which was developed and tested on the normal http. Now the Apache server has been configured in such a way that all of the pages are stored in a single folder which is SSL enabled. The SSL certificate is in place. When I browse to the website using "https://www" then it redirects to "http://www". NOTE : I do not need to load specific pages using SSL. I just need all pages to show as HTTPS.

I have tried the proposed solutions suggested on Stack Overflow including :

1. Modifying the .htaccess file to force HTTPS

2. Setting the $config['base_url'] = "";

When I tried the above method in tandem then Firefox gave the following error : "The page isn't redirecting properly. Firefox has detected that the server is redirecting the request for this address in a way that will never complete."

Many Stack Overflow contributors suggest that this should be handled by Apache only. That makes sense to me but forcing HTTPS via .htaccess gives the same error.

Is there a simple "best practice" way to do this without hooks and SSL Helpers, etc?
In my own websites, I have used the following for .htaccess:

RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$$1 [R,L]

You didn't share what you did, so it's impossible to know.

It does look like you've set the base_url correctly.

You might check the security cert and make sure www is covered, but I don't think that's your problem.
Hi ~ here is the .htaccess code I used :

RewriteEngine On
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

And the */application/config/config.php file includes :

$config['base_url'] = "";
redirect to https url in codeigniter using hooks is a good method rather than htaccess
i use this tuts *Redacted: no longer working*
Thanks Suhindra. I did come across this tutorial. I was wondering if you think that there are advantages to using "Hooks" for this purpose?
I have separate conf files in Apache for http and https, with the https conf specifying:

<VirtualHost *:443>

and including the SSL configuration, but otherwise it's a fairly normal configuration for a CI site.

For some of my sites, the http conf file looks something like this:

<VirtualHost *:80>
    Redirect 301 /

For other sites, I might have a normal http conf for the port 80 virtual host, or some portions of the site may be redirected to https. In all cases, I set the site's base_url to include the https://, so they end up using https once they click a link on the site, regardless of whether they were redirected in the first place.
I have renewed my SSL certificate with Godaddy, I´ve been instructed to redirect my website to HTTPS by changing the htaccess file.

 <IfModule mod_rewrite.c>

RewriteEngine On

RewriteCond %{HTTP_HOST} ^ [NC]
RewriteRule ^(.*)$$1 [L,R=301,NC]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]

The website when is redirected to https the website is completely different and not functional.

Could someone help me with this issue please?
Many thanks in advanced
(01-29-2016, 02:18 PM)mwhitney Wrote: [ -> ]I have separate conf files in Apache for http and https...

Same here, in my opinion this is Apache's job, not CodeIgniter's. Any method other than a separate virtual host is less efficient (albeit you probably won't notice any difference in terms of performance).