Redirecting from HTTPS to HTTP

Question

The webapp is built using CodeIgniter and the I'm using Cloudflare's Flexible SSL.

The pages load over HTTPS, but whenever there is a redirect, the page loads over HTTP. From then on, all pages are served over HTTP.

Here's an example:

public function logout()
{
    $this->session->sess_destroy();
    redirect('/');

}

After the logout function, all pages are loaded over HTTP.

How can I ensure that pages load over HTTPS after redirects?

Here are the contents of my .htaccess file:

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteBase /

RewriteCond %{REQUEST_URI} ^system.*
RewriteRule ^(.*)$ /index.php?/$1 [L]

RewriteCond %{REQUEST_URI} ^application.*
RewriteRule ^(.*)$ /index.php?/$1 [L]

RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ index.php?/$1 [L]
</IfModule>
 <IfModule !mod_rewrite.c>
    ErrorDocument 404 /index.php
</IfModule> 

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.myurl.com/$1 [R,L]

Answer 1

The easy way might be to set base_url like so

$config['base_url'] = "https://yoursite.com/";

That will cause all CI functions that access $config['base_url'] - which includes redirect() - to use https.

Not often talked about is the ability of base_url() to force a protocol by using a second argurment. eg

echo base_url("blog/post/123", 'https'); 

You can use .htaccess to force a redirect to the https protocol. Put this above your existing commands.

RewriteEngine on
RewriteCond %{HTTPS} !=on
RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R,L]