Laravel .htaccess configuration for excluding POST endpoint from https - laravel

In my Laravel app i have a POST endpoint in which Arduino sends some data. I installed SSL and tried communication again but with no result (redirect). I want to exclude only this specific endpoint from https. I tried different approaches and code that found with no result.
e.g. Route endpoint: /api/measures
.htaccess file:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

Thankfully i found a solution following a different way than changing .htaccess. With the help of Laravel i applied a middleware that redirects all web and api requests to secure requests and excluded the only endpoint that takes the request from Arduino client (can't handle ssl).
Answer that helped me Laravel 5 - redirect to HTTPS

Related

Laravel MethodNotAllowedHttpException The GET method is not supported for this route. Supported methods: POST

I have Laravel project works as an API, On my local machine it's working currectly but when I uploaded it on the server and send a request with Postman it doesn't send a post request, It's changed to GET request ! I read so many solutions and nothing worked for me.
https://imgur.com/p44fI1W
https://imgur.com/gdVLhXk
https://imgur.com/RKDpEom
My .htaccess file
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>

Laravel: Access website from 2 different domains one of them through https and the other from http

I have a laravel website and i forced HTTPS from .htaccess and i access the website though https://leadersuae.net .. now i need to access same website from another domain that doesn't have SSL certificate and the domain http://leadersuae.ae
How can i achieve that from .htaccess file because when i open http://leadersuae.ae of course the website if forced to HTTPS already .. so i need to force HTTPS for the first domain and not force it for the other one
This is my current .htaccess
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Force SSL
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
Try something like this? It should check if the domain is equal to leadersuae.ae and if its not, force HTTPS.
# Check if domain is AE OR NET
<If "%{HTTP_HOST} != 'leadersuae\.ae'">
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</If>
For this to work, please make sure you are using apache 2.4+.

I'm forcing SSL with htaccess but it isn't working with URLs that link to files

I realised that my site is not redirecting correctly when the URL link to a file (a pdf in this case). The others urls of my site are working perfectly. This is my htaccess file:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Force SSL
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>
It's strange because after differents ways of typing my url I found this:
If I type "myweb.com/urltopdf", it is redirected to "https://myweb.com/urltopdf"
If I type "https://myweb.com/urltopdf", URL works
If I type "http://myweb.com/urltopdf", it isn't redirected and the url doesn't work. This case is my problem.
I dont know if it's important but I am using laravel 5.2.
Thanks.
EDIT: It works on firefox and edge but not on chrome.

laravel ERR_TOO_MANY_REDIRECTS after adding SSL

so i am using cloudways with digitalocean and now trying to add letsencrypt into my laravel 5.4 web app...
and according to tech support in cloudways they say i need to modify my .htaccess to be like this
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^(.*)$ https://%{HTTP_HOST}/$1 [R=301,L]
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
</IfModule>
but after that i got
ERR_TOO_MANY_REDIRECTS
what's gone wrong? cloudways tech support can't give any solution either... so i kinda stuck in here
i also do some research before and read that i need to add
If(env(' APP_ENV') !== 'local') { $url->forceSchema('https'); }
into app/Providers/AppServiceProvider.php in boot function to make all request to be https....
but still no luck...
okay so i already got the solution, i forgot that my site also have cloudflare cdn and in crypto part it set SSL to Full mode, just change it to flexible one and everything works great....

Redirect http to https in laravel 5.2

I have a Laravel 5.2 project. Recently, I installed an SSL certificate on my website so when I type https://example.com in the browser it works but when I write example.com, it connects by HTTP.
To fix that, I added these lines to my .htaccess file:
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
After that, when I type example.com, the browser redirects me to https://example.com. That's perfect.
The problem is when I try to access the URL http://example.com/download/get/book/volume2, it doesn't redirect me to HTTPS. It redirects me to the index page. If I add the s of https in the URL it works fine but I need the app to redirect me from HTTP to HTTPS.
The route in routes file:
Route::get('download/get/book/{book}'
That route opens a PDF file that I have in privates/storage folder in the browser's tab.
EDIT:
My .htaccess file:
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews
</IfModule>
RewriteEngine On
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)/$ /$1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# require SSL
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
Your HTTP to HTTPS redirect needs to go near the top of your .htaccess file, immediately after the RewriteEngine directive and, importantly, before the Laravel front controller.
As a general rule, external redirects should always go before internal rewrites.
The front controller catches all requests (or rather requests that don't map to a physical file or directory) and rewrites these to index.php (that ultimately handles the routeing). The problem is that your HTTP to HTTPS redirect occurs later and converts the now rewritten URL into an external redirect to index.php.
Likewise, your # Handle Authorization Header block should also go before the front controller (ideally). (It will work in its current state, in per-directory .htaccess files, due to the looping nature of .htaccess files, but if you moved these directives to the server config it would fail.)
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
Add the above two lines just below RewriteEngine On in your .htaccess file. It will automatically redirect any traffic destined for http: to https:
Finally, your .htaccess file will look like the following
<IfModule mod_rewrite.c>
<IfModule mod_negotiation.c>
Options -MultiViews -Indexes
</IfModule>
RewriteEngine On
# Redirect to https
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [R,L]
# Handle Authorization Header
RewriteCond %{HTTP:Authorization} .
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
# Redirect Trailing Slashes If Not A Folder...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_URI} (.+)/$
RewriteRule ^ %1 [L,R=301]
# Handle Front Controller...
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
</IfModule>

Resources