In order to force redirection of your website developed in Laravel from HTTP to HTTPS, you can try adding the following rules in .htaccess file. <fModule mod_rewrite.c> Options -Indexes RewriteEngine On RewriteCond %{HTTPS} !=on RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301] RewriteRule ^(.*)$ public/$1 [L] </IfModule> Next, look at .env file and modify the value for APP_URL parameter APP_URL=https://yoursite.com

In order to force redirection of your Wordpress website from HTTP to HTTPS, the key task that you will need to do is to modify .htaccess file that is present in the root of the website directory. If you check your wordpress install, you will have the following code by default in your .htaccess file. <IfModule mod_rewrite.c> RewriteEngine On RewriteBase / # BEGIN WordPress RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] </IfModule> (more…)

It is always secured to turn OFF register_globals in PHP applications. Earlier, we have seen how to turn OFF register_globals setting via .htaccess file and in this blog we will use php.ini instead. Using a text editor create a file called php.ini. This will be our first step. Next, we need to add the following line of code in php.ini register_globals = off Upload php.ini file to the root folder where your application resides.

.htaccess - Purpose, Considerations .htaccess is a hidden file in the web server which comes in handy when the sites are hosted in shared environment. Considerations: Slight hit to performance takes place when .htaccess directive is set as Apache checks each directory for its existence before any file access in that directory Next consideration will be with regards how the site owners manage the setting changes and its security which can be misused. (more…)

Register Globals directive is turned OFF from PHP version 4.2. PHP Global Variables Environment variables, GET, POST, Server, Cookie variables are knows as Global Variables. When register_globals directive is turned ON (like what most ISP's did), you can access/set the global variables like $username, $password instead of $_POST["username"], $_POST["password"]. (more…)

Linux: .htaccess and custom error messages When we create a domain and would like to have custom error messages for the sites that we build .htaccess file comes in handy. There may be errors related to site access sucha as 401 - Unauthorized access, 404 - Document Not Found, 500 - Internal Server Error. To handle such error you can create a separate folder called "errors" for the site which will have the files error401.html, error404.html, error500.html each bearing the custom messages that you would like to have it published via the web. (more…)