Redirect to ssl in codeigniter

Rakesh Sharma      16 Comments  

Redirect to ssl in codeigniter :-

HTTPS :- Full name is (hyper text transfer protocol secure). It’s a extended or you can say secure version of the HTTP(hyper text transfer protocol). If you have https enabled on your server you will get a lock icon in address bar of browser.
For encryption of data it’s used SSL(secure sockets layer) certificates to install on your server. Most uses of https to securely transmit data with ssl.
So most of sites need ssl or https url. we can easily manage redirection to https url in codeigniter using hooks. it’s a one more good feature of CI. We need to create some lines of code to get ssl url or redirect to https url in codeigniter. Default codeigniter not have this type of functionality so we need to force redirect to ssl url. below we will see how to use ssl redirect with codeigniter.

1. Config changes :- Go to “application/config/config.php” and enable or set hooks to true.

$config['enable_hooks'] = TRUE;

2. create a new file named hooks.php in “application/config/hooks.php” and add below code in hooks.php:-

$hook['post_controller_constructor'][] = array(
                                'function' => 'redirect_ssl',
                                'filename' => 'ssl.php',
                                'filepath' => 'hooks'

3. Now create a new directory with named “hooks” under application directory and then create new file named “ssl.php” in “application/hooks/ssl.php”
and add below code to “ssl.php” :-

function redirect_ssl() {
    $CI =& get_instance();
    $class = $CI->router->fetch_class();
	$exclude =  array('client');  // add more controller name to exclude ssl.
    if(!in_array($class,$exclude)) {
      // redirecting to ssl.
      $CI->config->config['base_url'] = str_replace('http://', 'https://', $CI->config->config['base_url']);
      if ($_SERVER['SERVER_PORT'] != 443) redirect($CI->uri->uri_string());
    else {
      // redirecting with no ssl.
      $CI->config->config['base_url'] = str_replace('https://', 'http://', $CI->config->config['base_url']);
      if ($_SERVER['SERVER_PORT'] == 443) redirect($CI->uri->uri_string());

Now check your site you will get https in url. redirect to https url in codeigniter using hooks is a good method rather than htaccess.

  • adnan

    Thanks a lot, worked like a charm

  • Samuel

    Thank you so much!!! :)

    I had been struggling for several hours with .htaccess and it did not work.

  • Ayan Chax


  • Joseph Cahill

    Very nice tutorial. I changed “exclude” to “include” and then flipped the https:// and http:// in the IF and ELSE clause. This made it so that only the items in the “include” array were redirected to secure, rather than redirecting to insecure for the “exclude” items.

  • ritvick

    Will this redirect carry post data and headers as well ?
    Lets say a post has been made to http://domain/controller, so will the same post request variables be accessible after automatic redirection to https://domain/controller ?

    • rakesh sharma

      Yeah, it will work with post data and headers. let me know if any issue.

    • kharismayuyu

      Hi ritvick,
      I don’t think the posted data will be carried thru the redirection.
      The code above is just replacing the http to https using hook. The idea of using hook is to add in your own codes without hacking the original core.
      If you’re talking about data posted from http directly to https then it should be alright.
      But if it’s from http to another http, then you use redirect_ssl function, the posted data won’t be carried thru.

  • John

    I’m getting an error “PHP Fatal error: Call to undefined function redirect()” any idea why that might be happening? To my knowledge I have correctly followed these instructions.

    • philsbury

      redirect() is part of the URL Helper so you’ll need that loaded if you hadn’t fixed it already

    • IBad Gore


  • IBad Gore

    Thanks Rakesh. Saved my day!!!
    I found an issue where the GET parameters are not included in redirection.
    I changed a little bit
    $exclude = array(); // add more controller name to exclude ssl.
    if(!in_array($class,$exclude)) {
    // redirecting to ssl.
    if ($_SERVER[‘SERVER_PORT’] != 443){ redirect($CI->config->config[‘base_url’].$_SERVER[‘REQUEST_URI’]);}
    else {
    // redirecting with no ssl.
    if ($_SERVER[‘SERVER_PORT’] == 443) {redirect($CI->config->config[‘base_url’].$_SERVER[‘REQUEST_URI’]);}

    Any comment about this will be appreciated!!!

    • mucholoco

      Hi! This partially works when I have GET parameters thank you! But I encounter some problems:
      For example, I am in http redirecting to https. My base_url is http://localhost/projectname/ and then my REQUEST_URI string becomes /projectname/controller?id=2. So the page I’m loading is now https://localhost/projectname//projectname/controller?id=2.

      How can I only get “/controller?id=2″ for the REQUEST_URI? or How can I only get “https://localhost” for the base_url?

  • 田山川


  • claudiosouzajr

    It was so nice! Thanks a lot!

  • Dhide Marshall

    nice trick, but how with WWW and without WWW?

  • mucholoco

    This doesn’t preserve POST data :(