web.config direct to https

[MasterJiq]

Hello,

Does someone here can share web.config to redirect to https ? I tried a lot of method and read a lot of stackoverflow's thread. All I get is 'Redirect is loop' do someone can share with me ? I am on IIS 7.5/7

Thanks.

 

[MasterJiq]

@Zet ? what's your meaning ?

 

[JynX]

@Zet ? what's your meaning ?

You also need to make ALL your links served over HTTPS. And to ensure your app/management/config.php has the url with https://

 

[Blasteh]

As far as I can see, you fixed the issue because I'm loading over HTTPS. I also see you're using Cloudflare.

Next time, another type of way to force HTTPS is to turn this on in Cloudflare:

You must be registered for see images attach

Then, create a page rule like this:

You must be registered for see images attach

 

[Zet]

You also need to make ALL your links served over HTTPS. And to ensure your app/management/config.php has the url with https://

Good stuff, we're on the same page.

 

[MasterJiq]

@JynX @Zet LOL. I've setting it up, as someone says that I have to edit swf or what idk.
 
@Blasteh I already active that, 1 month ago until now
 
@SpreedBlood @Sledmore @Core any suggestion to solve this prob ?

 

[Joe]

Not sure if this has been solved/asked but do you have a voting API on your client.php file? If yes, do you get the redirection loop afterwards? I'm not sure how this thread has 3 pages for such a simple question.

If you do use a voting API (FindRetro's) then is your redirection URL in FR set to

You must be registered for see links

Sorry if I've got the wrong end of the stick.

 

[MayoMayn]

You can't use web.config to go to HTTPS and PHP wont know that you are on HTTPS or not because of the fact that the certificate is not on the server or so. I did get around this by writing some PHP code tho.

public function thisFullURL($enableSSL = NULL) {
        $serverName = $_SERVER['SERVER_NAME'];
        $uri = $_SERVER['REQUEST_URI'];  
       
        if (isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || $_SERVER['HTTPS'] == 1) || isset($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') {
          $protocol = 'https://';
        }
        else {
          $protocol = 'http://';
        }
       
        $fullURL = $protocol.$serverName.$uri;
        $URL = $serverName.$uri;
       
        if ( $enableSSL && $protocol == 'http://' )
            header("location: https://{$URL}");
        else if( !$enableSSL && $protocol == 'https://' )
            header("location: http://{$URL}");
        else
            return $fullURL;
    }

Then you just have to pass true or false into the function true = SSL Redirection Enabled, false = SSL Redirection Disabled

Coded this for my framework, that both forces HTTPS and WWW if included in the website url.

public function forceUrl()
    {
        $url = self::url();
        // Checks which protocol is used
        $proto = explode('://', $url);
        $proto = $proto[0];
        // Checks if protocol should be forced
        $protocheck = ($_SERVER['HTTP_X_FORWARDED_PROTO'] === $proto);
       
        // Checks if www should be included
        $iswwwset = (strstr($url, $proto . '://www.') ? "://www." : "://");
        $wwwhost = (strstr($_SERVER['HTTP_HOST'], "www.") !== false);
        $wwwcheck = ($iswwwset == "://www.") ?  (!$wwwhost) : ($wwwhost);

        if(!$protocheck || $wwwcheck) {
            $redirect = $url . $_SERVER['REQUEST_URI'];
            header('HTTP/1.1 301 Moved Permanently');
            header('Location: ' . $redirect);
        }
    }

 

[MasterJiq]

@Sentinel, do it work to solve the problem I got on Client ?