How can a script be set to only be accessible via HTTPS and not HTTP in PHP?
To ensure that a script is only accessible via HTTPS and not HTTP in PHP, you can check the $_SERVER['HTTPS'] variable to determine if the request is using HTTPS. If the variable is not set or is not equal to "on", you can redirect the user to the HTTPS version of the script.
if(empty($_SERVER['HTTPS']) || $_SERVER['HTTPS'] !== 'on') {
header('Location: https://' . $_SERVER['HTTP_HOST'] . $_SERVER['REQUEST_URI']);
exit;
}
Keywords
Related Questions
- How can user tracking be implemented on a website using PHP?
- How can developers troubleshoot and debug issues related to feof() not returning true at the end of a file in PHP 8.0, despite working in previous versions?
- What are the potential pitfalls of using preg_replace for hackers protection in PHP?