The webapp is built using CodeIgniter and the I'm using Cloudflare's Flexible SSL.
The pages load over HTTPS, but whenever there is a redirect, the page loads over HTTP. From then on, all pages are served over HTTP.
Here's an example:
public function logout()
{
$this->session->sess_destroy();
redirect('/');
}
After the logout function, all pages are loaded over HTTP.
How can I ensure that pages load over HTTPS after redirects?
Here are the contents of my .htaccess file:
<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /
RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
RewriteCond %{REQUEST_URI} ^application.*
RewriteRule ^(.*)$ /index.php?/$1 [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
</IfModule>
<IfModule !mod_rewrite.c>
ErrorDocument 404 /index.php
</IfModule>
RewriteEngine On
RewriteCond %{SERVER_PORT} 80
RewriteRule ^(.*)$ https://www.myurl.com/$1 [R,L]
The easy way might be to set base_url like so
$config['base_url'] = "https://yoursite.com/";
That will cause all CI functions that access $config['base_url']
- which includes redirect()
- to use https.
Not often talked about is the ability of base_url()
to force a protocol by using a second argurment. eg
echo base_url("blog/post/123", 'https');
You can use .htaccess to force a redirect to the https protocol. Put this above your existing commands.
RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.