How to force ssl in codeigniter?
Solution 1
Open config file from location application/config/config.php
and enable or set hooks to true like this:
$config['enable_hooks'] = TRUE;
Then create a new file named hooks.php
inside the config
folder (i.e. application/config/hooks.php) and add the following code in it:
$hook['post_controller_constructor'][] = array(
'function' => 'redirect_ssl',
'filename' => 'ssl.php',
'filepath' => 'hooks'
);
Now create a new directory named hooks
inside the application
folder (i.e. application/hooks) and then create a new file named ssl.php
inside the hooks
folder (i.e. application/hooks/ssl.php).
Add the following code in the ssl.php
file:
function redirect_ssl() {
$CI =& get_instance();
$class = $CI->router->fetch_class();
$exclude = array('client'); // add more controller name to exclude ssl.
if(!in_array($class,$exclude)) {
// redirecting to ssl.
$CI->config->config['base_url'] = str_replace('http://', 'https://', $CI->config->config['base_url']);
if ($_SERVER['SERVER_PORT'] != 443) redirect($CI->uri->uri_string());
} else {
// redirecting with no ssl.
$CI->config->config['base_url'] = str_replace('https://', 'http://', $CI->config->config['base_url']);
if ($_SERVER['SERVER_PORT'] == 443) redirect($CI->uri->uri_string());
}
}
Solution 2
Change
base_url
in your config:$config['base_url'] = 'https://www.my-site.com/';
- Provide a certificate for your secure connection
Redirect incoming traffic from
http
tohttps
:RewriteCond %{HTTPS} off RewriteRule .* https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Admin
Updated on March 10, 2020Comments
-
Admin about 4 years
I am using codeigniter 3. How do I force SSL connection to my web pages so that all the pages are loaded with the green padlock icon beside it?
Note: How can I do this without having to edit htaccess file ?
-
Tri Murvianto over 6 yearsi have already trying this. but the ssl still shows not secure. why is that?
-
Adrian P. over 6 years@TriMurvianto check for insecure elements on page source such as images loaded with http, scripts with full path hard coded http instead of https
-
DanimalReks about 5 yearsThis is by far the simplest and best solution IMHO. I had a site that was not behaving when I used my usual htaccess file. Turns out the original author did not explicitly set the base url.
-
NomanJaved over 4 yearswhere to add the
cert file
andkey file
in codeigniter? And how it will be accessed by c? -
NomanJaved about 4 years@fustaki Can you please elaborate step 2. Where to provide certificate in CI.
-
shellakkshellu about 4 yearsWhen I run with HTTP the request body is missing
-
Vrushal Raut almost 4 yearsThis solution work in my case but make sure that in config.php set base url
$config['base_url']='https://example.com'
. -
ggsuha over 3 yearsWork! But, instead using
post_controller_constructor
, I usepre_controller
. -
Herbert Van-Vliet over 3 years@NomanJaved: A certificate is usually setup through your web panel and the webserver (often Apache) will take care of all details; CodeIgniter usually does not have anything to do with that.