-
Force https
If you're running ssl and don't want a user to get to a page unsecured, i've created this function to force https based on URI. If you put it in an include file and then run the function at the top of your script, it will redirect back to the page with https invoked.
For those pages that don't require https, to minimize server load, i've created the oppposite function. Let me know how it works out if you use it:
PHP Code:
function forcehttps(){
if (!isset($_SERVER['HTTPS']))
{
$ref = $_SERVER['REQUEST_URI'];
header("Location:https://wwww.yoursite.com".$ref);
exit;
}
}
function killhttps(){
if (isset($_SERVER['HTTPS']))
{
$ref = $_SERVER['REQUEST_URI'];
header("Location:http://wwww.yoursite.com".$ref);
exit;
}
}
-
Thanks for sharing it with us Charles. You can also redirect non-secure urls to secure links by adding one of the following directives to .htaccess file:
Code:
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
or
Code:
RewriteEngine On
RewriteCond %{SERVER_PORT} !443
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}