PHP: Force https://

KMatle · Apr 28, 2017

If you use php as the backend of your app, this is how you ensure your script is used via https:// only

B4X:

if($_SERVER["HTTPS"] != "on")
    {
        header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
        exit();
    }

It just calls your own script with all given parameters and https:// and closes the actual one.
Just add this snippet to the top of you php script.

sorex · Apr 28, 2017

the problem is that your data is already sent over without encryption.

you can remove port 80 as listening port in apache then you're sure nobody can connect to it without https first.

KMatle · May 2, 2017

sorex said:
you can remove port 80

Yep, but I use a "cheap" hosted site. So I can't modify any ports

PHP: Force https://

KMatle

Expert

sorex

Expert

KMatle

Expert