Redirecting from HTTP to HTTPS with PHP

php redirect http to https htaccess
how to use https instead of http in php
how to redirect http to https in html website
redirect http to https htaccess laravel
redirect to https
how to change http to https
wordpress https redirect
apache redirect http to https

I'm working on a shopping cart website and I would like to redirect the user to a HTTPS page when he's entering his billing details and maintain the HTTPS connection for the next pages until he logs out.

What do I need to install on the server (I'm using Apache) in order to do this, and how can this redirect be done from PHP?

Try something like this (should work for Apache and IIS):

if (empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] === "off") {
    $location = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header('HTTP/1.1 301 Moved Permanently');
    header('Location: ' . $location);

Redirecting from HTTP to HTTPS with PHP, Try something like this (should work for Apache and IIS): if (empty($_SERVER['​HTTPS']) || $_SERVER['HTTPS'] === "off") { $location = 'https://' . PHP: Redirect HTTP to HTTPS. This is a guide on how to force users to use your PHP application with HTTPS instead of HTTP. Over the past few years, HTTPS has risen in popularity – especially since Google announced that HTTPS was being used as a ranking signal for websites.

This is a good way to do it:

if (!(isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' || 
   $_SERVER['HTTPS'] == 1) ||  
   isset($_SERVER['HTTP_X_FORWARDED_PROTO']) &&   
   $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https'))
   $redirect = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
   header('HTTP/1.1 301 Moved Permanently');
   header('Location: ' . $redirect);

PHP: Redirect HTTP to HTTPS., This is a guide on how to force users to use your PHP application with HTTPS instead of HTTP. Redirection from one page to another in PHP is commonly achieved using the following two ways: Using Header Function in PHP: The header() function is an inbuilt function in PHP which is used to send the raw HTTP (Hyper Text Transfer Protocol) header to the client.

You can always use


to redirect to the save URL.

But I would recommend to do it by .htaccess and the Apache rewrite rules.

3 Simple Ways To Redirect a Website From Http to Https, *) https://%{HTTP_HOST}%{REQUEST_URI}” tell the server to only rewrite the first part (http://) to (https://). Method:2 – Using php Function. You  Redirection is trivial with PHP. All you need to do is to send the visitor's browser an HTTP header specifying the new location, and the browser will do the rest. This is done with the header() function.

Redirecting from HTTP to HTTPS with PHP on IIS

I was having trouble getting redirection to HTTPS to work on a Windows server which runs version 6 of MS Internet Information Services (IIS). I’m more used to working with Apache on a Linux host so I turned to the Internet for help and this was the highest ranking Stack Overflow question when I searched for "php redirect http to https". However, the selected answer didn’t work for me.

After some trial and error, I discovered that with IIS, $_SERVER['HTTPS'] is set to off for non-TLS connections. I thought the following code should help any other IIS users who come to this question via search engine.

if (! isset($_SERVER['HTTPS']) or $_SERVER['HTTPS'] == 'off' ) {
    $redirect_url = "https://" . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header("Location: $redirect_url");

Edit: From another Stack Overflow answer, a simpler solution is to check if($_SERVER["HTTPS"] != "on").

How to redirect HTTP to HTTPS Using .htaccess, It becomes very important to redirect from HTTP to HTTPS. What is SSL? SSL (​Secure Sockets Layer) is a standard security protocol for  HTTPS allows you to use the HTTP/2 protocol, which significantly improves the site performance. Google favors HTTPS websites. Your site will rank better if served via HTTPS. This guide covers how to redirect the HTTP traffic to HTTPS in Apache. There are several ways to redirect to HTTPS in Apache.

On my AWS beanstalk server, I don't see $_SERVER['HTTPS'] variable. I do see $_SERVER['HTTP_X_FORWARDED_PROTO'] which can be either 'http' or 'https' so if you're hosting on AWS, use this:

if ($_SERVER['HTTP_HOST'] != 'localhost' and $_SERVER['HTTP_X_FORWARDED_PROTO'] != "https") {
    $location = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
    header('HTTP/1.1 301 Moved Permanently');
    header('Location: ' . $location);

Redirect From HTTPS To HTTP Using PHP, Redirect From HTTPS To HTTP Using PHP. 17th April 2009. Note: This post is over a year old and so the information contained here might be out of date. You can use the following php function to redirect your website using php code. You just have to call the function in the page at appropriate place where you need the redirect from http to https. < ? php function redirectTohttps () {

How to Redirect Website from HTTP to HTTPS?, Restart Apache web server to test it. A configured website should be able to redirect and accessible on https. HTTPS Redirection in Nginx. Login  In order to force your web traffic to use HTTPS, edit the codes in the .htaccess file. Before we move onto redirecting HTTP to HTTPS, here’s how you can edit .htaccess file. If you already know skip to Redirection steps. Editing .htaccess File

How to change http to https - PHP, If not, do that first before setting up redirects from http. can you guide me how to setup https in my apache 2 web server… i have used apache 2 and php 5.3  Enabling the redirect in the Virtual Host file is safer and simpler than other options, as the configuration will be similar for all systems. Usually, there are two Virtual Host files on Apache if an SSL certificate is installed: one is for the non-secure port 80, and the other is for the secure port 443. The redirect to HTTPS can be enabled in

Redirects with HTTPS, Understanding how to properly configure redirects with HTTP and HTTPS sites. You can now use DNSimple and URL records to redirect via HTTPS. application that can be as simple as a PHP script, or more complex, like  Redirect my website to HTTPS in Plesk/Windows; Redirect my WordPress website to HTTPS for Plesk hosting; Notes: • These instructions don't apply to Managed WordPress accounts with an SSL certificate. The HTTPS redirect is automatically enabled after the SSL certificate install finishes on a Managed WordPress account. • If we don't have a

  • It doesn't work always. I tried using it and there was no 'https' element in the $_SERVER array due to which it was giving error of 'too many redirects'. Would need to use other method.
  • I had to test if( $_SERVER['HTTPS'] == "off") to get this code to work. I think it's because I'm on IIS, not Apache like the OP.
  • @NicholasPickering Jepp, $_SERVER variables might vary with webservers.
  • Note: die() or exit() can be important to put after header redirects to prevent the rest of the page from executing (and possibly sending extra information to the client) (i.e. to hackers or browsers that may not respect the header).
  • Depending on your server environment/setup you may need to use $_SERVER['HTTP_X_FORWARDED_PROTO'] to check for http/https
  • works well the one marked as good will return a redirect too many times at least in Chrome
  • The condition !(isset($_SERVER['HTTPS']) && ($_SERVER['HTTPS'] == 'on' will always be false, since if the last part is true, the first will be false.
  • @Max : I don't get what you say. If the second condition is true ($_SERVER['HTTPS'] == 'on') then the first condition will have to be TRUE as well (of course that server variable is set, because it contains a value!)
  • I would always recommend to check $_SERVER['HTTPS'] before redirecting.
  • $_SERVER['HTTPS'] is not always set, but it is a good idea to check before. Thats why I recommend to do it with an useful rewrite rule in Apache, which only redirects when its not on HTTPS.
  • Although Apache recommends not to use an extra .htaccess file (because it slows down) but to use the rewrite rules inside the *.conf of Apache.
  • @JakeSylvestre Fair enough. Given that this question isn't tagged as apache, I posted this answer for the benefit of other IIS users (similar to the situation I was in) who may come across this page via search engine. I subscribe to the view that answers are for the benefit of the community as a whole and not just the OP.