blocks|key|1543450|text|你可以在Apache上使用一个指令和mod_rewrite来完成：|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1543451|<Location+/buyCrap.php>
RewriteEngine+On
RewriteCond+%25{HTTPS}+off
RewriteRule+(.*)+https://%25{HTTP_HOST}%25{REQUEST_URI}
</Location>|code-block|syntax|javascript|1543452|如果你愿意，你可以使用regular+expressions使这个位置随着时间的推移变得更智能。|offset|length|1543453|entityMap|0|LINK|mutability|MUTABLE|url|http://en.wikipedia.org/wiki/Regular_expression^0|0|0|B|J|0|0^^$0|@$1|2|3|4|5|6|7|S|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|T|8|@]|9|@]|A|$E|F]]|$1|G|3|H|5|6|7|U|8|@]|9|@$I|V|J|W|1|X]]|A|$]]|$1|K|3|-4|5|6|7|Y|8|@]|9|@]|A|$]]]|L|$M|$5|N|O|P|A|$Q|R]]]]

You could do it with a directive and mod_rewrite on Apache:

<pre><code>&lt;Location /buyCrap.php&gt;
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
&lt;/Location&gt;
</code></pre>

You could make the Location smarter over time using <a href="http://en.wikipedia.org/wiki/Regular_expression" rel="noreferrer">regular expressions</a> if you want.

blocks|key|1543509|text|不要在同一个页面上混用HTTP和HTTPS。如果您有一个通过HTTP提供的表单页面，我会对提交数据感到紧张--如果不执行View+Source并搜索它，我就看不出提交是通过HTTPS还是HTTP。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1543510|在HTTPS上提供表单和提交链接并不是一个很大的改变。|1543511|entityMap^0|0|0^^$0|@$1|2|3|4|5|6|7|F|8|@]|9|@]|A|$]]|$1|B|3|C|5|6|7|G|8|@]|9|@]|A|$]]|$1|D|3|-4|5|6|7|H|8|@]|9|@]|A|$]]]|E|$]]

Don't mix HTTP and HTTPS on the same page. If you have a form page that is served up via HTTP, I'm going to be nervous about submitting data -- I can't see if the submit goes over HTTPS or HTTP without doing a View Source and hunting for it.

Serving up the form over HTTPS along with the submit link isn't that heavy a change for the advantage.

blocks|key|1758455|text|//+Force+HTTPS+for+security
if($_SERVER["HTTPS"]+!=+"on")+{
++++$pageURL+=+"Location:+https://";
++++if+($_SERVER["SERVER_PORT"]+!=+"80")+{
++++++++$pageURL+.=+$_SERVER["SERVER_NAME"]+.+":"+.+$_SERVER["SERVER_PORT"]+.+$_SERVER["REQUEST_URI"];
++++}+else+{
++++++++$pageURL+.=+$_SERVER["SERVER_NAME"]+.+$_SERVER["REQUEST_URI"];
++++}
++++header($pageURL);
}|type|code-block|depth|inlineStyleRanges|entityRanges|data|syntax|javascript|1758456|unstyled|entityMap^0|0^^$0|@$1|2|3|4|5|6|7|G|8|@]|9|@]|A|$B|C]]|$1|D|3|-4|5|E|7|H|8|@]|9|@]|A|$]]]|F|$]]

<pre><code>// Force HTTPS for security
if($_SERVER["HTTPS"] != "on") {
 $pageURL = "Location: https://";
 if ($_SERVER["SERVER_PORT"] != "80") {
 $pageURL .= $_SERVER["SERVER_NAME"] . ":" . $_SERVER["SERVER_PORT"] . $_SERVER["REQUEST_URI"];
 } else {
 $pageURL .= $_SERVER["SERVER_NAME"] . $_SERVER["REQUEST_URI"];
 }
 header($pageURL);
}
</code></pre>

blocks|key|1543585|text|http://www.besthostratings.com/articles/force-ssl-htaccess.html|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|1543586|有时，您可能需要确保用户正在通过安全连接浏览您的站点。一种始终将用户重定向到安全连接的简单方法(可以通过包含以下行的.htaccess文件来完成https://)：|1543587|RewriteEngine+On+
RewriteCond+%25{SERVER_PORT}+80+
RewriteRule+%5E(.*)$+https://www.example.com/$1+[R,L]|code-block|syntax|javascript|1543588|请注意，.htaccess应位于网站主文件夹中。|1543589|如果您希望对特定文件夹强制使用HTTPS，您可以使用：|1543590|RewriteEngine+On+
RewriteCond+%25{SERVER_PORT}+80+
RewriteCond+%25{REQUEST_URI}+somefolder+
RewriteRule+%5E(.*)$+https://www.domain.com/somefolder/$1+[R,L]|1543591|.htaccess文件应该放在需要强制执行HTTPS的文件夹中。|1543592|entityMap|0|LINK|mutability|MUTABLE|url^0|0|1R|0|0|0|0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|Z|8|@]|9|@$A|10|B|11|1|12]]|C|$]]|$1|D|3|E|5|6|7|13|8|@]|9|@]|C|$]]|$1|F|3|G|5|H|7|14|8|@]|9|@]|C|$I|J]]|$1|K|3|L|5|6|7|15|8|@]|9|@]|C|$]]|$1|M|3|N|5|6|7|16|8|@]|9|@]|C|$]]|$1|O|3|P|5|H|7|17|8|@]|9|@]|C|$I|J]]|$1|Q|3|R|5|6|7|18|8|@]|9|@]|C|$]]|$1|S|3|-4|5|6|7|19|8|@]|9|@]|C|$]]]|T|$U|$5|V|W|X|C|$Y|4]]]]

<a href="http://www.besthostratings.com/articles/force-ssl-htaccess.html" rel="noreferrer">http://www.besthostratings.com/articles/force-ssl-htaccess.html</a>

Sometimes you may need to make sure that the user is browsing your site over securte connection. An easy to way to always redirect the user to secure connection (https://) can be accomplished with a .htaccess file containing the following lines:

<pre><code>RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]
</code></pre>

Please, note that the .htaccess should be located in the web site main folder.

In case you wish to force HTTPS for a particular folder you can use:

<pre><code>RewriteEngine On 
RewriteCond %{SERVER_PORT} 80 
RewriteCond %{REQUEST_URI} somefolder 
RewriteRule ^(.*)$ https://www.domain.com/somefolder/$1 [R,L]
</code></pre>

The .htaccess file should be placed in the folder where you need to force HTTPS.

blocks|key|1543598|text|<?php+
//+Require+https
if+($_SERVER['HTTPS']+!=+"on")+{
++++$url+=+"https://".+$_SERVER['SERVER_NAME']+.+$_SERVER['REQUEST_URI'];
++++header("Location:+$url");
++++exit;
}
?>|type|code-block|depth|inlineStyleRanges|entityRanges|data|syntax|javascript|1543599|就这么简单。|unstyled|1543600|entityMap^0|0|0^^$0|@$1|2|3|4|5|6|7|I|8|@]|9|@]|A|$B|C]]|$1|D|3|E|5|F|7|J|8|@]|9|@]|A|$]]|$1|G|3|-4|5|F|7|K|8|@]|9|@]|A|$]]]|H|$]]

<pre><code>&lt;?php 
// Require https
if ($_SERVER['HTTPS'] != "on") {
 $url = "https://". $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
 header("Location: $url");
 exit;
}
?&gt;
</code></pre>

That easy.

blocks|key|1758583|text|当在负载均衡器后面运行时，我不得不做这样的事情。Hat+tip+https://stackoverflow.com/a/16076965/766172|type|unstyled|depth|inlineStyleRanges|entityRanges|offset|length|data|1758584|function+isSecure()+{
++++return+(
++++++++(!empty($_SERVER['HTTPS'])+&&+$_SERVER['HTTPS']+!==+'off')
+++++%7C%7C+$_SERVER['SERVER_PORT']+==+443
+++++%7C%7C+(
++++++++++++(!empty($_SERVER['HTTP_X_FORWARDED_PROTO'])+&&+$_SERVER['HTTP_X_FORWARDED_PROTO']+==+'https')
+++++++++%7C%7C+(!empty($_SERVER['HTTP_X_FORWARDED_SSL'])+++&&+$_SERVER['HTTP_X_FORWARDED_SSL']+==+'on')
++++++++)
++++);
}

function+requireHTTPS()+{
++++if+(!isSecure())+{
++++++++header('Location:+https://'+.+$_SERVER['HTTP_HOST']+.+$_SERVER['REQUEST_URI'],+TRUE,+301);
++++++++exit;
++++}
}|code-block|syntax|javascript|1758585|entityMap|0|LINK|mutability|MUTABLE|url|https://stackoverflow.com/a/16076965/766172^0|W|17|0|0|0^^$0|@$1|2|3|4|5|6|7|Q|8|@]|9|@$A|R|B|S|1|T]]|C|$]]|$1|D|3|E|5|F|7|U|8|@]|9|@]|C|$G|H]]|$1|I|3|-4|5|6|7|V|8|@]|9|@]|C|$]]]|J|$K|$5|L|M|N|C|$O|P]]]]

Had to do something like this when running behind a load balancer. Hat tip <a href="https://stackoverflow.com/a/16076965/766172">https://stackoverflow.com/a/16076965/766172</a>

<pre><code>function isSecure() {
 return (
 (!empty($_SERVER['HTTPS']) &amp;&amp; $_SERVER['HTTPS'] !== 'off')
 || $_SERVER['SERVER_PORT'] == 443
 || (
 (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) &amp;&amp; $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https')
 || (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) &amp;&amp; $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on')
 )
 );
}

function requireHTTPS() {
 if (!isSecure()) {
 header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'], TRUE, 301);
 exit;
 }
}
</code></pre>

blocks|key|1543676|text|我刚刚创建了一个.htaccess文件，并添加了：|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1543677|RewriteEngine+On
RewriteCond+%25{HTTPS}+off
RewriteRule+(.*)+https://%25{HTTP_HOST}%25{REQUEST_URI}|code-block|syntax|javascript|1543678|很简单！|1543679|entityMap^0|0|0|0^^$0|@$1|2|3|4|5|6|7|K|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|L|8|@]|9|@]|A|$E|F]]|$1|G|3|H|5|6|7|M|8|@]|9|@]|A|$]]|$1|I|3|-4|5|6|7|N|8|@]|9|@]|A|$]]]|J|$]]

I just created a .htaccess file and added :

<pre><code>RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI}
</code></pre>

Simple !

blocks|key|1758647|text|我已经使用了这个脚本，它在整个网站上运行得很好。|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1758648|if(empty($_SERVER['HTTPS'])+%7C%7C+$_SERVER['HTTPS']+==+"off"){
++++$redirect+=+'https://'+.+$_SERVER['HTTP_HOST']+.+$_SERVER['REQUEST_URI'];
++++enter+code+hereheader('HTTP/1.1+301+Moved+Permanently');
++++header('Location:+'+.+$redirect);
++++exit();
}|code-block|syntax|javascript|1758649|entityMap^0|0|0^^$0|@$1|2|3|4|5|6|7|I|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|J|8|@]|9|@]|A|$E|F]]|$1|G|3|-4|5|6|7|K|8|@]|9|@]|A|$]]]|H|$]]

I have used this script and it works well through the site.

<pre><code>if(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] == "off"){
 $redirect = 'https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI'];
 enter code hereheader('HTTP/1.1 301 Moved Permanently');
 header('Location: ' . $redirect);
 exit();
}
</code></pre>

blocks|key|1543803|text|如果您使用支持.htaccess文件的Apache或LiteSpeed之类的工具，则可以执行以下操作。如果您还没有.htaccess文件，那么应该在根目录(通常是index.php所在的目录)中创建一个新的.htaccess文件。现在添加以下行作为.htaccess中的第一个重写规则：|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1543804|RewriteEngine+On
RewriteCond+%25{HTTPS}+off
RewriteRule+%5E(.*)$+https://%25{HTTP_HOST}%25{REQUEST_URI}+[L,R=301]|code-block|syntax|javascript|1543805|对于所有重写规则，您只需要在.htaccess中使用一次"RewriteEngine+On“指令，所以如果您已经有了它，只需复制第二行和第三行即可。|1543806|我希望这能帮到你。|1543807|entityMap^0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|M|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|N|8|@]|9|@]|A|$E|F]]|$1|G|3|H|5|6|7|O|8|@]|9|@]|A|$]]|$1|I|3|J|5|6|7|P|8|@]|9|@]|A|$]]|$1|K|3|-4|5|6|7|Q|8|@]|9|@]|A|$]]]|L|$]]

If you use Apache or something like LiteSpeed, which supports .htaccess files, you can do the following.
If you don't already have a .htaccess file, you should create a new .htaccess file in your root directory (usually where your index.php is located). Now add these lines as the first rewrite rules in your .htaccess:

<pre><code>RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</code></pre>

You only need the instruction "RewriteEngine On" once in your .htaccess for all rewrite rules, so if you already have it, just copy the second and third line.

I hope this helps.

blocks|key|1543847|text|使用这一点是不够的：|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1543848|if($_SERVER["HTTPS"]+!=+"on")
{
++++header("Location:+https://"+.+$_SERVER["HTTP_HOST"]+.+$_SERVER["REQUEST_URI"]);
++++exit();
}|code-block|syntax|javascript|1543849|如果您有任何http内容(如外部http图像源)，浏览器将检测到可能的威胁。因此请确保代码中所有ref和src都是https|1543850|entityMap^0|0|0|0^^$0|@$1|2|3|4|5|6|7|K|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|L|8|@]|9|@]|A|$E|F]]|$1|G|3|H|5|6|7|M|8|@]|9|@]|A|$]]|$1|I|3|-4|5|6|7|N|8|@]|9|@]|A|$]]]|J|$]]

Using this is NOT enough:

<pre><code>if($_SERVER["HTTPS"] != "on")
{
 header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
 exit();
}
</code></pre>

If you have any http content (like an external http image source), the browser will detect a possible threat. So be sure all your ref and src inside your code are https

blocks|key|1758815|text|对于使用IIS的用户，在web.config中添加以下行将有所帮助：|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1758816|<httpProtocol>
++++<customHeaders>
++++++++<add+name="Strict-Transport-Security"+value="max-age=31536000"/>
++++</customHeaders>
</httpProtocol>
<rewrite>
++++<rules>
++++++++<rule+name="HTTP+to+HTTPS+redirect"+stopProcessing="true">
++++++++++++++<match+url="(.*)"+/>
++++++++++++++<conditions>
+++++++++++++++++<add+input="{HTTPS}"+pattern="off"+ignoreCase="true"+/>
++++++++++++++</conditions>
++++++++++++++<action+type="Redirect"+redirectType="Found"+url="https://{HTTP_HOST}/{R:1}"+/>
+++++++++</rule>
++++</rules>
</rewrite>|code-block|syntax|javascript|1758817|完整的示例文件|1758818|<?xml+version="1.0"+encoding="UTF-8"?>
<configuration>
++++<system.webServer>
++++++++<httpProtocol>
++++++++++++<customHeaders>
++++++++++++++++<add+name="Strict-Transport-Security"+value="max-age=31536000"/>
+++++++++++++</customHeaders>
++++++++</httpProtocol>
++++++++<rewrite>
++++++++++++<rules>
++++++++++++++++<rule+name="HTTP+to+HTTPS+redirect"+stopProcessing="true">
++++++++++++++++++++++<match+url="(.*)"+/>
++++++++++++++++++++++<conditions>
+++++++++++++++++++++++++<add+input="{HTTPS}"+pattern="off"+ignoreCase="true"+/>
++++++++++++++++++++++</conditions>
++++++++++++++++++++++<action+type="Redirect"+redirectType="Found"+url="https://{HTTP_HOST}/{R:1}"+/>
+++++++++++++++++</rule>
++++++++++++</rules>
+++++++</rewrite>
+++</system.webServer>
</configuration>|1758819|entityMap^0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|M|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|N|8|@]|9|@]|A|$E|F]]|$1|G|3|H|5|6|7|O|8|@]|9|@]|A|$]]|$1|I|3|J|5|D|7|P|8|@]|9|@]|A|$E|F]]|$1|K|3|-4|5|6|7|Q|8|@]|9|@]|A|$]]]|L|$]]

For those using IIS adding this line in the web.config will help:

<pre><code>&lt;httpProtocol&gt;
 &lt;customHeaders&gt;
 &lt;add name="Strict-Transport-Security" value="max-age=31536000"/&gt;
 &lt;/customHeaders&gt;
&lt;/httpProtocol&gt;
&lt;rewrite&gt;
 &lt;rules&gt;
 &lt;rule name="HTTP to HTTPS redirect" stopProcessing="true"&gt;
 &lt;match url="(.*)" /&gt;
 &lt;conditions&gt;
 &lt;add input="{HTTPS}" pattern="off" ignoreCase="true" /&gt;
 &lt;/conditions&gt;
 &lt;action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" /&gt;
 &lt;/rule&gt;
 &lt;/rules&gt;
&lt;/rewrite&gt;
</code></pre>

A full example file

<pre><code>&lt;?xml version="1.0" encoding="UTF-8"?&gt;
&lt;configuration&gt;
 &lt;system.webServer&gt;
 &lt;httpProtocol&gt;
 &lt;customHeaders&gt;
 &lt;add name="Strict-Transport-Security" value="max-age=31536000"/&gt;
 &lt;/customHeaders&gt;
 &lt;/httpProtocol&gt;
 &lt;rewrite&gt;
 &lt;rules&gt;
 &lt;rule name="HTTP to HTTPS redirect" stopProcessing="true"&gt;
 &lt;match url="(.*)" /&gt;
 &lt;conditions&gt;
 &lt;add input="{HTTPS}" pattern="off" ignoreCase="true" /&gt;
 &lt;/conditions&gt;
 &lt;action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}/{R:1}" /&gt;
 &lt;/rule&gt;
 &lt;/rules&gt;
 &lt;/rewrite&gt;
 &lt;/system.webServer&gt;
&lt;/configuration&gt;
</code></pre>

blocks|key|1758882|text|也许这个可以帮助你，你，这就是我为我的网站做的，它就像一个护身符：|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1758883|$protocol+=+$_SERVER["HTTP_CF_VISITOR"];

if+(!strstr($protocol,+'https')){
++++header("Location:+https://"+.+$_SERVER["HTTP_HOST"]+.+$_SERVER["REQUEST_URI"]);
++++exit();
}|code-block|syntax|javascript|1758884|entityMap^0|0|0^^$0|@$1|2|3|4|5|6|7|I|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|J|8|@]|9|@]|A|$E|F]]|$1|G|3|-4|5|6|7|K|8|@]|9|@]|A|$]]]|H|$]]

maybe this one can help, you, that's how I did for my website, it works like a charm :

<pre><code>$protocol = $_SERVER["HTTP_CF_VISITOR"];

if (!strstr($protocol, 'https')){
 header("Location: https://" . $_SERVER["HTTP_HOST"] . $_SERVER["REQUEST_URI"]);
 exit();
}
</code></pre>

blocks|key|1758939|text|PHP的方式：|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1758940|$is_https=false;
if+(isset($_SERVER['HTTPS']))+$is_https=$_SERVER['HTTPS'];
if+($is_https+!==+"on")
{
++++header("Location:+https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
++++exit(1);
}|code-block|syntax|javascript|1758941|Apache的mod_rewrite方式：|1758942|RewriteCond+%25{HTTPS}+!=on
RewriteRule+%5E+https://%25{HTTP_HOST}%25{REQUEST_URI}+[L,R=301]|1758943|entityMap^0|0|0|0|0^^$0|@$1|2|3|4|5|6|7|M|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|N|8|@]|9|@]|A|$E|F]]|$1|G|3|H|5|6|7|O|8|@]|9|@]|A|$]]|$1|I|3|J|5|D|7|P|8|@]|9|@]|A|$E|F]]|$1|K|3|-4|5|6|7|Q|8|@]|9|@]|A|$]]]|L|$]]

The PHP way:

<pre><code>$is_https=false;
if (isset($_SERVER['HTTPS'])) $is_https=$_SERVER['HTTPS'];
if ($is_https !== "on")
{
 header("Location: https://".$_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']);
 exit(1);
}
</code></pre>

The Apache mod_rewrite way:

<pre><code>RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</code></pre>

blocks|key|1758985|text|如果你想使用PHP来做这件事，那么这种方式对我来说真的很有效：|type|unstyled|depth|inlineStyleRanges|entityRanges|data|1758986|<?php

if(!isset($_SERVER["HTTPS"])+%7C%7C+$_SERVER["HTTPS"]+!=+"on")+{
++++header("Location:+https://"+.+$_SERVER["HTTP_HOST"]+.+$_SERVER["REQUEST_URI"],+true,+301);
++++//Prevent+the+rest+of+the+script+from+executing.
++++exit;
}
?>|code-block|syntax|javascript|1758987|它检查$_SERVER超全局数组中的HTTPS变量，看看它是否等于“on”。如果变量不等于on。|1758988|entityMap^0|0|0|0^^$0|@$1|2|3|4|5|6|7|K|8|@]|9|@]|A|$]]|$1|B|3|C|5|D|7|L|8|@]|9|@]|A|$E|F]]|$1|G|3|H|5|6|7|M|8|@]|9|@]|A|$]]|$1|I|3|-4|5|6|7|N|8|@]|9|@]|A|$]]]|J|$]]

If you want to use PHP to do this then this way worked really well for me:
<pre><code>
&lt;?php

if(!isset($_SERVER[&quot;HTTPS&quot;]) || $_SERVER[&quot;HTTPS&quot;] != &quot;on&quot;) {
 header(&quot;Location: https://&quot; . $_SERVER[&quot;HTTP_HOST&quot;] . $_SERVER[&quot;REQUEST_URI&quot;], true, 301);
 //Prevent the rest of the script from executing.
 exit;
}
?&gt;

</code></pre>
It checks the HTTPS variable in the $_SERVER superglobal array to see if it equal to “on”. If the variable is not equal to on.

blocks|key|1544136|text|或者，您可以使用HTTPS头来强制重定向到X-Forwarded-Proto。|type|unstyled|depth|inlineStyleRanges|offset|length|style|CODE|entityRanges|data|1544137|在.htaccess文件中添加以下行|1544138|###+Force+HTTPS
RewriteCond+%25{HTTP:X-Forwarded-Proto}+!https
RewriteRule+%5E+https://%25{HTTP_HOST}%25{REQUEST_URI}+[L,R=301]|code-block|syntax|javascript|1544139|entityMap^0|L|H|0|0|0^^$0|@$1|2|3|4|5|6|7|O|8|@$9|P|A|Q|B|C]]|D|@]|E|$]]|$1|F|3|G|5|6|7|R|8|@]|D|@]|E|$]]|$1|H|3|I|5|J|7|S|8|@]|D|@]|E|$K|L]]|$1|M|3|-4|5|6|7|T|8|@]|D|@]|E|$]]]|N|$]]

As an alternative, you can make use of <code>X-Forwarded-Proto</code> header to force a redirect to HTTPS.
add these lines in the .htaccess file
<pre><code>### Force HTTPS
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</code></pre>

blocks|key|1759065|text|if(location.protocol!=='https:'){location.replace(`https:${location.href.substring(location.protocol.length)}`);}|type|code-block|depth|inlineStyleRanges|entityRanges|data|syntax|javascript|1759066|unstyled|entityMap^0|0^^$0|@$1|2|3|4|5|6|7|G|8|@]|9|@]|A|$B|C]]|$1|D|3|-4|5|E|7|H|8|@]|9|@]|A|$]]]|F|$]]

<pre><code>if(location.protocol!=='https:'){location.replace(`https:${location.href.substring(location.protocol.length)}`);}
</code></pre>

I've got just one page that I want to force to be accessed as an HTTPS page (PHP on Apache). How do I do this without making the whole directory require HTTPS? Or, if you submit a form to an HTTPS page from an HTTP page, does it send it by HTTPS instead of HTTP?
Here is my example:
<pre><code>http://www.example.com/some-page.php
</code></pre>
I want it to only be accessed through:
<pre><code>https://www.example.com/some-page.php
</code></pre>
Sure, I can put all of the links to this page pointed at the HTTPS version, but that doesn't stop some fool from accessing it through HTTP on purpose...
One thing I thought was putting a redirect in the header of the PHP file to check to be sure that they are accessing the HTTPS version:
<pre><code>if($_SERVER[&quot;SCRIPT_URI&quot;] == &quot;http://www.example.com/some-page.php&quot;){
 header('Location: https://www.example.com/some-page.php');
}
</code></pre>
But that can't be the right way, can it?

How can I force users to access my page over HTTPS instead of HTTP?

负载均衡

我只想强制访问一个页面作为HTTPS页面(Apache上的PHP)。如何在不使整个目录需要HTTPS的情况下做到这一点？或者，如果您从HTTP页面向HTTPS页面提交表单，它是否通过HTTPS而不是HTTP发送表单？下面是我的例子：http://www.example.com/some-page.php我希望它只能通过...

问如何强制用户通过HTTPS而不是HTTP访问我的页面？
EN

社区

活动

资源

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问如何强制用户通过HTTPS而不是HTTP访问我的页面？EN

社区

活动

资源

关于

腾讯云开发者

热门产品

热门推荐

更多推荐

问如何强制用户通过HTTPS而不是HTTP访问我的页面？
EN