Committed to the LaraBrain by:
at October 24, 2015 5:58 pm
If you are developing on OSX El Capitan, apache has been configured to use ReverseProxy. This causes $request->secure() to always return false.
The solution for laravel 4.2 is to add
to your filters.php before() function.
For laravel 5 I used a middleware solution:
<?php namespace toolbox5\Http\Middleware;
* Redirects any non-secure requests to their secure counterparts.
* @param request The request object.
* @param $next The next closure.
* @return redirects to the secure counterpart of the requested uri.
class Secure implements Middleware
public function handle($request, Closure $next)
if (($request->server('HTTP_X_FORWARDED_PROTO') != 'https') &&
// production is not currently secure
NB: my dev environment is SSL but the production server is not which is why I use !app()->environment('production') which forces HTTPS on my dev URLs. Edit yours as required.