Fix SSL in Laravel 4 when server is behind a load balancer or a reverse proxy

Submitted by zOxta - 2 years ago

If you are running Laravel 4 and behind a load balancer or a reverse proxy, some HTTPS functions like ‘Request::secure()’ and ‘Request::isSecure()’ will return false. If we add the current IP which belongs to the proxy/load balancer to the setTrustedProxies then the Request class will honour the ‘X-Forwarded-Proto’ and other ‘X-Forwarded’ headers and the mentioned functions would work fine. Note: THIS METHOD CANNOT BE TRUSTED unless ALL requests go through a proxy YOU control.

// in your filters.php add the following inside App::before()

App::before( function( $request )
{
    // set the current IP (REMOTE_ADDR) as a trusted proxy
    Request::setTrustedProxies( [ $request->getClientIp() ] );
});
comments powered by Disqus

Ads cover the costs of maintaining Laravel-tricks