Force SSL Secure Routes in Laravel 5.2

Published 2 years ago by stargatesg1

I was looking for information on how to make all my routes redirect to SSL. I came across the following.

It will redirect the site to SSL but none of the routes seem to work.


I tried creating a Middleware class

namespace App\Http\Middleware;

use Closure;

class HttpsProtocol {

    public function handle($request, Closure $next)
            if (!$request->secure() && env('APP_ENV') === 'prod') {
                return redirect()->secure($request->getRequestUri());

            return $next($request); 

Then in kernal.php added

protected $middleware = [

    // appending custom middleware 


But still didn't work. I found this on stackoverflow

When I go to any route it keeps coming up with 404 error. But Laravel is working because it redirects to /login when I access the root of the site.

2 years ago (8,310 XP)

It worked for me, have you got it working?


A very simple solution that works perfectly for me, thanks!

FYI it's spelt 'Kernel.php', not sure if that is contributing to your errors. Also did you invoke the middleware either on the route declaration or in the constructor to the controller?


In AppServiceProvider put this in boot method:


1 year ago (2,160 XP)

You want to do this at the web server level using 301 redirects from http:// to https://

Search engines will unindex the http links.


@felipemarques I alway get "[BadMethodCallException] Method forceSchema does not exist." if I try to start the server via artisan serve or when I try to deploy to heroku.

The middleware solutions tells me to many redirects on heroku...

Any other ideas?


okay, I found a nice working, easy and clean solution for laravel > 5.3 here:

In your AppServiceProvider in the register method add:

if (env('APP_ENV') === 'production') {
        $this->app['request']->server->set('HTTPS', true);

works fine for me on heroku!

EDIT2:// okay, figured out the problem with "\URL::forceSchema('https');". In Laravel 5.4 the method is called "\URL::forceScheme('https');"


Laravel 5.4:

namespace App\Providers;

use Illuminate\Support\Facades\URL;
use Illuminate\Support\ServiceProvider;

class AppServiceProvider extends ServiceProvider
    public function boot()

Just do it with .htaccess file

1 year ago (11,260 XP)

I would caution using the .htaccess file. I'm not sure that would work in, for example, an Elastic Beanstalk environment, where you have a load balancer that communicates on HTTPS with the public, but HTTP between the balancer and servers.

9 months ago (5,360 XP)

@FNGR2911 thanks. That worked. but better

if (config('app.env') === 'production') { $this->app['request']->server->set('HTTPS', true); }


Sometimes I get err_spdy_protocol_error when enabling HTTPS this way. Anyone know why?


use this in htaccess

<IfModule mod_rewrite.c>
   RewriteEngine On
   RewriteCond %{HTTPS} !=on
   RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
   RewriteRule ^(.*)$ public/$1 [L]

دریل هیوندای


@FNGR2911 Thanks so much!!! I really appreciate your help. After trying on Heroku with Procfile, .htaccess and via boot method method of service provider, it is finally working on my application with your solution.

Please sign in or create an account to participate in this conversation.