0

Ok so I need my site to automatticly forward all requests to the server for http to https. I was using php with no real problems but now godaddy is telling me that I need to change the way i am doing this. Is my code correct, should i change how im doing this, what method is better? Thanks in advance for the help!

<?php
if ($_SERVER['SERVER_PORT']!=443)
{
$url = "https://". $_SERVER['SERVER_NAME'] . ":443".$_SERVER['REQUEST_URI'];
header("Location: $url");
}
?>
scube
  • 1,931
  • 15
  • 21
Tyler Radlick
  • 184
  • 1
  • 6
  • 12
  • 2
    If Godaddy are telling you that you need to change it … aren't they telling you what to change it to? Or why you should? – Quentin Nov 24 '11 at 16:53
  • When i asked why i got we dont support scripting and to just change it lol – Tyler Radlick Nov 24 '11 at 17:14
  • Support can mean one of two things. 1. Providing the required systems 2. providing technical assistance when it doesn't work. Since you said it does work, and assuming you haven't asked them to solve a problem for you … with that quality of explanation I'd escalate it with their support service or move host (given the horror stories I've heard about godaddy, I'd move host myself). – Quentin Nov 24 '11 at 17:17

5 Answers5

1

You don't need to include the port number... https' default port is 443 already. You'd only need an explicit port number if you're running an https service on some OTHER port. As well, why the duplicate redirect? You've got 2 if() blocks doing the exact same thing.

However, just testing for port 443 is not sufficient. You can run ANY service you want on any port. It's just that HTTPS usually is on 443. But nothing says it HAS to be. There's $_SERVER['HTTPS'] which explicity tells if you if HTTPS is in use or not.

Marc B
  • 356,200
  • 43
  • 426
  • 500
0

A better method would be to use .htaccess and mod_rewrite to do the redirect.

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]

This is explained in more detail here.

Gelatin
  • 2,393
  • 1
  • 24
  • 29
0

I would use something as described here:

enter link description here

I would not like to rely for port 443. Someone can configure normal traffic towards 443 or use another port for https (both rare).

Additionally since it is the default, you can ommit the ":443"...

Community
  • 1
  • 1
Dimitrios Mistriotis
  • 2,626
  • 3
  • 28
  • 45
0

You could use htaccess for doing this:

RewriteEngine On
RewriteCond %{SERVER_PORT} !443
RewriteRule (.*) https://www.example.com/require-secure/ [R]

Hope it helps

Sudhir Bastakoti
  • 99,167
  • 15
  • 158
  • 162
  • testing port number is not sufficient. https is USUALLY on port 443, but there is no requirement that it actually be on that port, or that some OTHER service is running on 443. – Marc B Nov 24 '11 at 16:53
0

I am using this code in my .htaccess file which works great:

RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://example.ch/$1 [R,L]
scube
  • 1,931
  • 15
  • 21