cakephpsslhttpscakephp-2.0litespeed

cakephp and https redirects


I have a site that has some strict requirements for SEO purposes.

The main one is redirecting all http requests to https which I have done by adding this into the AppController:

public function forceSSL() {
    return $this->redirect('https://' . env('SERVER_NAME') . $this->here);
}

public function beforeFilter() {
    $this->Security->blackHoleCallback = 'forceSSL';
    $this->Security->requireSecure();
}

The issue I have is with 404 pages, they do not redirect to https (eg. www.hublink.net/asdfg)

I have also added these 2 lines to the .htaccess file (from another post), and removed the above code but then get a "redirect loop" error

RewriteCond %{HTTPS} !=on [NC]
RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [R,L]

Solution

  • I have this in my .htaccess file and it works great. I have it ignoring local and staging URLs, like if I had http://local.example.com it will not force redirection for that url. Those lines can be removed. I like using the .htaccess approach over the one in the AppController. This is also the top level .htaccess file in a standard CakePHP install on a shared hosting environment. There are three .htaccess files in a normal Cakephp install.

    <IfModule mod_rewrite.c>
        RewriteEngine on
        RewriteBase /
    
        # FORCE SSL REDIRECTION
        RewriteCond %{ENV:HTTPS} !on [NC]
        RewriteCond %{HTTP_HOST} !^local [NC]
        RewriteCond %{HTTP_HOST} !^staging [NC]
        RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
    
        RewriteRule ^$ app/webroot/ [L]
        RewriteRule (.*) app/webroot/$1 [L]
    </IfModule>
    

    Check your hosting environment and make sure your allowed to have .htaccess files. Need to make sure ModRewrite is installed and working as well.