Setting up HTTPS redirects on Heroku Laravel Instance

Question

I have a Laravel 5 build running on an apache Heroku instance and I am trying to make sure all traffic is converted through https, however I am desperately lost.

I have the SSL certificate up and running successfully. However with Heroku you cannot edit the .htaccess file on their server directly. So their recommendation on this page is to set up an apache_app.conf and tell Heroku to read it by putting this in the Procfile:

web: vendor/bin/heroku-php-apache2 -C apache_app.conf public/

However when I do this, pretty much any kind of HTTPS rewrite rules I add cause a redirect loop or an application error. Here is my current configuration:

RewriteEngine on

#Normal way (in case you need to deploy to NON-heroku)
RewriteCond %{HTTPS} !=on

#Heroku way
RewriteCond %{HTTP:X-Forwarded-Proto} !https

#If neither above conditions are met, redirect to https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Can you add your `apache_app.conf` contents to your question? — elithrar, Jul 17 '15 at 04:44
@elithrar Sure, updated. I should note that I was finally able to fix this by adding "DirectoryIndex index.php index.html index.htm" to the top of the apache_conf.php file. I suppose that was the problem. Although I am admittedly out of depth with this stuff. — John, Jul 17 '15 at 13:08
You should answer your own question and then mark it as the answer. This fixed my problem exactly. Thanks. — Anthony, Oct 18 '16 at 06:18
Adding that code to the public/.htaccess file and removing the "-C apache_app.conf" from the Procfile also does the trick — badcom, Nov 16 '17 at 16:32

score 1 · Answer 1 · answered Nov 27 '17 at 12:38

1

Instead of handling redirect by .htaccess I was able to do it by this method

HttpsProtocol middleware will redirect every web route to the HTTPS protocol

answered Nov 27 '17 at 12:38

Bilal Maqsood

1,163
3
15
43

my routes defined in api.php and web.php does not work in heruko – user123456 Feb 09 '20 at 17:26
1

return redirect()->secure() doesn't work on my heroku instance. any idea why? – SMPLYJR Apr 25 '20 at 16:02

score 1 · Answer 2 · answered Aug 23 '21 at 21:43

According to Heroku documentation, you must have "TrustProxies" middleware modified to have $proxies set as "*"

class TrustProxies extends Middleware
{
    protected $proxies = '*';
// ...

https://devcenter.heroku.com/articles/getting-started-with-laravel#trusting-the-load-balancer

Setting up HTTPS redirects on Heroku Laravel Instance

2 Answers2

Linked