htaccess - Laravel force https

Question

I've a problem of redirection with my htacess file.

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>
    RewriteEngine On


    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [L,R=301]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]

    #http > https
    RewriteCond %{HTTP:X-Forwarded-Proto} !https
    RewriteCond %{REQUEST_URI} !/(api/list|api/categories)
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
</IfModule>

And i'v had this in my AppServiceProvider in boot méthod

if(env('APP_ENV') == 'production'){
  \URL::forceScheme("https");
}

The problem is the following : when i call url myndd.fr i'm redirect to HTTPS that's OK. But when i call

myndd.fr/api/list
myndd.fr/api/categories

i'm redirect to https://myndd.fr/index.php?params_url and for this specific route i don't want be redirect to https.

Any idea ?

Thanks for you'r help

https://stackoverflow.com/a/28403907/6030030 – mbozwood Oct 10 '17 at 14:04 — mbozwood, Oct 10 '17 at 14:04

Webdesigner · Answer 1 · 2017-10-11T11:08:33.373

You have to exclude index.php

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>
    RewriteEngine On

    #http > https
    RewriteCond %{HTTPS} !=on [NC,OR]
    RewriteCond %{HTTP:X-Forwarded-Proto} !=https [NC]
    RewriteCond %{REQUEST_URI} !^/?index\.php$
    RewriteCond %{REQUEST_URI} !^/?(api/list|api/categories) [NC]
    RewriteRule ^.*$ https://%{HTTP_HOST}/%{REQUEST_URI} [R=301,L] 

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [R=301,L] 

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

score 0 · Answer 2 · answered Oct 10 '17 at 17:34

I've found the solution :

<IfModule mod_rewrite.c>
    <IfModule mod_negotiation.c>
        Options -MultiViews
    </IfModule>
    RewriteEngine On

    #http > https
    RewriteCond %{HTTP:X-Forwarded-Proto} !=https [NC]
    RewriteCond %{REQUEST_URI} !^/?(api/list|api/categories) [NC]
    RewriteRule https://%{HTTP_HOST}/%{REQUEST_URI} [R=301,L]

    # Redirect Trailing Slashes If Not A Folder...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteRule ^(.*)/$ /$1 [R=301,L]

    # Handle Front Controller...
    RewriteCond %{REQUEST_FILENAME} !-d
    RewriteCond %{REQUEST_FILENAME} !-f
    RewriteRule ^ index.php [L]

    # Handle Authorization Header
    RewriteCond %{HTTP:Authorization} .
    RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>

htaccess - Laravel force https

2 Answers2