Force SSL Secure Routes in Laravel 5.2

I tried creating a Middleware class

namespace App\Http\Middleware;

use Closure;

class HttpsProtocol {

    public function handle($request, Closure $next)
    {
            if (!$request->secure() && env('APP_ENV') === 'prod') {
                return redirect()->secure($request->getRequestUri());
            }

            return $next($request); 
    }
}

Then in kernal.php added

protected $middleware = [
    'Illuminate\Foundation\Http\Middleware\CheckForMaintenanceMode',
    'Illuminate\Cookie\Middleware\EncryptCookies',
    'Illuminate\Cookie\Middleware\AddQueuedCookiesToResponse',
    'Illuminate\Session\Middleware\StartSession',
    'Illuminate\View\Middleware\ShareErrorsFromSession',

    // appending custom middleware 
    'MyApp\Http\Middleware\HttpsProtocol'       

];

But still didn't work. I found this on stackoverflow

http://stackoverflow.com/questions/28402726/laravel-5-redirect-to-https

When I go to any route it keeps coming up with 404 error. But Laravel is working because it redirects to /login when I access the root of the site.

It worked for me, have you got it working?

A very simple solution that works perfectly for me, thanks!

FYI it's spelt 'Kernel.php', not sure if that is contributing to your errors. Also did you invoke the middleware either on the route declaration or in the constructor to the controller?

In AppServiceProvider put this in boot method:

\URL::forceSchema('https');

You want to do this at the web server level using 301 redirects from http:// to https://

Search engines will unindex the http links.

Thanks @felipemarques

@felipemarques I alway get "[BadMethodCallException] Method forceSchema does not exist." if I try to start the server via artisan serve or when I try to deploy to heroku.

The middleware solutions tells me to many redirects on heroku...

Any other ideas?

EDIT://

okay, I found a nice working, easy and clean solution for laravel > 5.3 here: https://www.codecourse.com/forum/topics/force-ssl-laravel-andor-heroku

In your AppServiceProvider in the register method add:

if (env('APP_ENV') === 'production') {
        $this->app['request']->server->set('HTTPS', true);
}

works fine for me on heroku!

EDIT2:// okay, figured out the problem with "\URL::forceSchema('https');". In Laravel 5.4 the method is called "\URL::forceScheme('https');"

Laravel 5.4:

namespace App\Providers;

use Illuminate\Support\Facades\URL;
use Illuminate\Support\ServiceProvider;

class AppServiceProvider extends ServiceProvider
{
    public function boot()
    {
        URL::forceScheme('https');
    }

Just do it with .htaccess file

http://stackoverflow.com/a/42870336/4004188

I would caution using the .htaccess file. I'm not sure that would work in, for example, an Elastic Beanstalk environment, where you have a load balancer that communicates on HTTPS with the public, but HTTP between the balancer and servers.

@FNGR2911 thanks. That worked. but better

if (config('app.env') === 'production') { $this->app['request']->server->set('HTTPS', true); }

Sometimes I get err_spdy_protocol_error when enabling HTTPS this way. Anyone know why?

use this in htaccess

<IfModule mod_rewrite.c>
   RewriteEngine On
   RewriteCond %{HTTPS} !=on
   RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
   RewriteRule ^(.*)$ public/$1 [L]
</IfModule>

دریل هیوندای

@FNGR2911 Thanks so much!!! I really appreciate your help. After trying on Heroku with Procfile, .htaccess and via boot method method of service provider, it is finally working on my application with your solution.