[PHP] Enable HTTP to HTTPS redirect in Codeigniter 4 without .htaccess
“Not Secure” against your website name in address bar is something every owner hates. It is an instant turn off for users as well. Now, you might have setup SSL for your website, but if you have not enabled HTTPS redirect, then users landing on HTTP version would still see “Not Secure” message. The best solution to overcome this issue is to enable HTTPS redirect by default.
In earlier versions of Codeigniter you would have to setup .htaccess file to enable the same, but not anymore. Codeigniter 4 provides a configurable option by which you can enable HTTPS redirect for your website.
By default this option is disabled as all HTTPS websites also work on HTTP but not vice-versa. Hence you are required to manually change this setting.
Perform following steps to enable HTTPS redirect in Codeigniter 4.
- Open app/Config/App.php file
- Search for forceGlobalSecureRequests
- Ensure that variable value is set to true
Now try to access your website at http version and you should get redirected to https version.
You can also enable this change from .env file by uncommenting following line
app.forceGlobalSecureRequests = true