Redirect HTTP to HTTPS in Cakephp3

If you are building CakePHP application and want to move all traffic to HTTPS you can follow bellow simple steps without making any change in .htaccess file

Step 1. Edit AppController to make change

use Cake\Event\Event;

Step 2. Load security component

public function initialize()
    {
        parent::initialize();

        $this->loadComponent('Security', ['blackHoleCallback' => 'forceSSL']);

        $this->loadComponent('RequestHandler');
        $this->loadComponent('Flash');
        $this->loadComponent('Cookie');   
    }

Step 3. Create function which redirects all non https request to https

public function forceSSL(){
        $this->request->addDetector('ssl', array(
            'env' => 'HTTP_X_FORWARDED_PROTO',
            'value' => 'https'
        ));
        if($_SERVER['HTTP_X_FORWARDED_PROTO'] == "http") {
            return $this->redirect('https://' . env('SERVER_NAME') . $this->here); 
        }
    }

Hope this will help you 🙂

Share this: