force http to https during installation of wordpress

[isitmeor]

How can I force http to https on installations of new (wordpress) sites
Having set SSL enabled it would be nice when the system uses https during the installation

[Pen-y-Fan]

I've written a blog on how to enable security:

• How to set up Laragon on a new Windows computer (part 4) - Enable security

With Apache, you can use a .htaccess file to redirect HTTP to HTTPS.

.htaccess

<IfModule mod_rewrite.c>

    SetEnv HTTP_MOD_REWRITE On
    RewriteEngine On

    RewriteCond %{HTTPS} !=on
    # This checks to make sure the connection is not already HTTPS
	
    RewriteRule ^/?(.*) https://%{SERVER_NAME}/$1 [R=301,L]
    # This rule will redirect users from their original location to the same location but using HTTPS.
    # i.e.  http://www.example.com/foo/ to https://www.example.com/foo/
    # The leading slash is made optional so that this will work either in
    # httpd.conf or .htaccess context


</IfModule>

[isitmeor]

I am pretty sure thats not what i asked
I asked "during the installation"
your solution is manual

[rescenic]

You can type: https://localhost/wordpress instead of localhost/wordpress

[isitmeor]

again that is manual

[sohosynergy]

I've atttached the modified VirtualHost.tpl as a .txt file showing the full modification.
<Directory "${ROOT}">
AllowOverride All
Require all granted

RewriteEngine On
RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}]
RewriteBase /
RewriteRule ^index.php$ - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule . /index.php [L]
RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

<VirtualHost *:<<SSL_PORT>>>
DocumentRoot "${ROOT}"
ServerName ${SITE}
ServerAlias *.${SITE}
<Directory "${ROOT}">
AllowOverride All
Require all granted

SSLEngine on
SSLCertificateFile      <<SSL_DIR>>/<<HOSTNAME>>.crt
SSLCertificateKeyFile   <<SSL_DIR>>/<<HOSTNAME>>.key

AllowOverride All Require all granted `[VirtualHost.tpl.txt](https://github.com/leokhoa/laragon/files/14226044/VirtualHost.tpl.txt)` RewriteEngine On RewriteRule .* - [E=HTTP_AUTHORIZATION:%{HTTP:Authorization}] RewriteBase / RewriteRule ^index\.php$ - [L] RewriteCond %{REQUEST_FILENAME} !-f RewriteCond %{REQUEST_FILENAME} !-d RewriteRule . /index.php [L] RewriteCond %{HTTPS} !=on RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

<VirtualHost *:<<SSL_PORT>>>
DocumentRoot "${ROOT}"
ServerName ${SITE}
ServerAlias *.${SITE}
<Directory "${ROOT}">
AllowOverride All
Require all granted

SSLEngine on
SSLCertificateFile      <<SSL_DIR>>/<<HOSTNAME>>.crt
SSLCertificateKeyFile   <<SSL_DIR>>/<<HOSTNAME>>.key

</VirtualHost>

[isitmeor]

thanks for this!!

[sohosynergy]

How can I force http to https on installations of new (wordpress) sites Having set SSL enabled it would be nice when the system uses https during the installation

I discovered an easier way than my previous explanation:

First complete the full Laragon install, open the app and do the basic configuration (enabling ssl, setting the name for the virtual hosts, then clicking apache in the menu and setting the ssl cert for windows....)

THEN

Edit "C:\laragon\bin\apache\httpd-2.4.54-win64-VS16\conf\httpd.conf"

and look for:

<Directory "C:/laragon/www">
#
# Possible values for the Options directive are "None", "All",
# or any combination of:
# Indexes Includes FollowSymLinks SymLinksifOwnerMatch ExecCGI MultiViews
#
# Note that "MultiViews" must be named explicitly --- "Options All"
# doesn't give it to you.
#
# The Options directive is both complicated and important. Please see
# http://httpd.apache.org/docs/2.4/mod/core.html#options
# for more information.
#
Options Indexes FollowSymLinks Includes ExecCGI

#
# AllowOverride controls what directives may be placed in .htaccess files.
# It can be "All", "None", or any combination of the keywords:
#   AllowOverride FileInfo AuthConfig Limit
#originally it is set to none
AllowOverride All 

#
# Controls who can get stuff from this server.
#
Require all granted

By default AllowOverride is set to None, change to All

Create a file in the www root called .htaccess

for example:
C:\laragon\www.htaccess

Add the content below and save

RewriteEngine On RewriteCond %{HTTPS} !on RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

I've attached a .txt file with the full details!

laragonforcedssl.txt

[isitmeor]

Now when you update apache you need to do it all over?

[jeathree]

@sohosynergy I followed your directions and made the changes, however I don't notice anything different. I tried creating a new WP app but it still uses HTTP.

If I manually change the browser URL to https it works but I have to do this everytime.

Is there a way to make the shortcuts to open the sites in Laragon (right click Laragon > www > click site name) open in https instead of http???

[jeathree]

... Currently I manually create a .htaccess file for each site and place it in the root, this redirects each site to https but it's a manual process

[Drumsk8]

@isitmeor Here's something that's working for me. Thanks to @sohosynergy suggestion which didn't work for me, I came up with something simpler.

This would of driven me insane if I couldn't have found a solution.

I am just forcing a simple rewrite on the port 80 to 443, the thing is it does this prior to wordpress install, which means it installs as https. It also writes the vhost conf with this forced change so it persists within Laragon, including apache version change.

This could affect other stuff, but if you're wanting simple wordpress installs with https every time then this will do it.

update: C:\laragon\usr\tpl\VirtualHost.tpl (make a backup first)

define ROOT "<<PROJECT_DIR>>"
define SITE "<<HOSTNAME>>"

<VirtualHost *:<<PORT>>>
    ServerName ${SITE}
    ServerAlias *.${SITE}
    
    # Redirect all HTTP traffic to HTTPS
    RewriteEngine On
    RewriteCond %{HTTPS} off
    RewriteRule (.*) https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]
</VirtualHost>

<VirtualHost *:<<SSL_PORT>>>
    DocumentRoot "${ROOT}"
    ServerName ${SITE}
    ServerAlias *.${SITE}
    <Directory "${ROOT}">
        AllowOverride All
        Require all granted
    </Directory>

    SSLEngine on
    SSLCertificateFile      <<SSL_DIR>>/<<HOSTNAME>>.crt
    SSLCertificateKeyFile   <<SSL_DIR>>/<<HOSTNAME>>.key
</VirtualHost>

Opening links going forwards works, but it doesn't seem to affect sites created before this edit. You'd have to manually fix vhost confs for them.

This really needs to be handled better by Laragon, but that's up to the author @leokhoa to fix. (He's a super star, this project is awesome)

[isitmeor]

Great Ill test it out