CODEWITHSUNDEEP
codeigniterssl
marius2k12
marius2k12

Reputation: 1101

CodeIgniter SSL

Im developing an app with CodeIgniter, mainly for learning purposes.

Im currently addressing the issue of security in my app and one thing I read about is using SSL.

I tried to figure out what I have to do in order to use SSL in my app. Since I'll have a small number of users I thought about using SSL on all of my sites.

In another question for SSL in CI I found this:

$config['base_url'] = "https://www.yoursite.com/";

Is this all I have to configure to use SSL? Do I have to buy a certificate somewhere? Are there any prerequisites for my server?

Thanks in advance for your help!

Upvotes: 2

Views: 2131

Answers (3)

Hammad Ahmed khan
Hammad Ahmed khan

Reputation: 1671

Open config file from location application/config/config.php and enable or set hooks to true like this:

$config['enable_hooks'] = TRUE;
Then create a new file named hooks.php inside the config folder (i.e. application/config/hooks.php) and add the following code in it:

$hook['post_controller_constructor'][] = array(
    'function' => 'redirect_ssl',
    'filename' => 'ssl.php',
    'filepath' => 'hooks'
);

**Now create a new directory named hooks inside the application folder (i.e. application/hooks) and then create a new file named ssl.php inside the hooks folder (i.e. application/hooks/ssl.php).
Add the following code in the ssl.php file:**

function redirect_ssl() {
    $CI =& get_instance();
    $class = $CI->router->fetch_class();
    $exclude =  array('client');  // add more controller name to exclude ssl.
    if(!in_array($class,$exclude)) {
        // redirecting to ssl.
        $CI->config->config['base_url'] = str_replace('http://', 'https://', $CI->config->config['base_url']);
        if ($_SERVER['SERVER_PORT'] != 443) redirect($CI->uri->uri_string());
    } else {
        // redirecting with no ssl.
        $CI->config->config['base_url'] = str_replace('https://', 'http://', $CI->config->config['base_url']);
        if ($_SERVER['SERVER_PORT'] == 443) redirect($CI->uri->uri_string());
    }
}

Upvotes: 0

Prasanth
Prasanth

Reputation: 5258

SSL is related to your server. Not to your server side scripting software, i.e. php.

So, you should be looking for ssl for your server software.

Now, you have two options:

  1. If you run in a local intranet, you could use software like xampp which by default provides https functionality for apache through self signed ssl certificate.

  2. If you are using a hosting account, you should get a signed ssl certificate.

And ofcourse the setting in codeigniter, which you specified must be set to actually make use of the https.

Upvotes: 2

Geert
Geert

Reputation: 1227

You will need an SSL certificate for this yeah. Most current servers can handle these just fine, although your server needs an personal IP-address for this.

Upvotes: 0

Related Questions