Why is request()->isSecure() returning false when visiting a HTTPS-url? I am using Laravel Forge and I have a load balancer. Logging the request I get this data:
request()->url(), // "http://xx.xx"
request()->isSecure(), // false
request()->getClientIps(), // XX.XX.XX.XX
In TrustProxies (which is added in the $middleware array in Http/Kernel.php):
protected $proxies = [
'XX.XX.XX.XX', // exactly the same as in the logged data above
];
In my AppServiceProvider's boot() method:
if (env('APP_ENV') == 'production') {
\URL::forceScheme('https');
}
Edit:
I am also using Cloudflare, and I have added all the Cloudflare proxies to $proxies as well. Check the logs, I see these headers in the request:
X-Forwarded-Proto: http
Cf-Visitor: {"scheme":"https"}
Referer: https://xx.xx/someurl
While You are using Cloudflare You should to use "Full SSL/TLS encryption mode".