Hi there,
I'm creating many different web apps with Laravel 5 like an e-commerce, a blog, etc... All of my web apps need a login so I must secure my routes (mostly the ones like an e-commerce app) but I don't really understand how the SSL certificate works and how to apply them...
If I'm not wrong to secure a route I need:
Buy an SSL certificate.
Set a Middlewere in Laravel 5 to apply to the routes like here: http://stackoverflow.com/questions/28402726/laravel-5-redirect-to-https
Set up the SSL on my server.
Is it OK? Or I need something else? Any other security advices for an e-commerce web app?
Best Regards
You should probably manage HTTP to HTTPS redirects at server level, not code. That way, all requests will be HTTPS, just have to make sure links/resources etc are linked via HTTPS.
Here's a post I did on redirecting to HTTPS with and without www. https://bashy.im/blog/nginx-redirect-to-https-with-without-www-subdomain
Please or to participate in this conversation.