How to force HTTPS on Laravel for all routes? Using Different Methods to make URLs secure

In this article I’ll show how to force Laravel project to use HTTPS for all links such as routes, assets. Some of the codes are taken from scratchcoding Laravel Code Examples. Let’s start to find out different methods of how to force https on laravel:

Do not forget to clear Laravel cache after making below changes.

AppServiceProvider in the boot()

Place this in the AppServiceProvider in the boot() method

File Path: app->providers->AppServiceProvider.php

if($this->app->environment('production')) {

Configure your web server

Configure your web server to redirect all non-secure requests to https. Example of a nginx config:

server {
    listen 80 default_server;
    listen [::]:80 default_server;
    return 301$request_uri;

web.php or api.php

use the following line at the end of the web.php or api.php file and it worked perfectly:

File Path : routes->web.php / routes->api.php



You can set 'url' => '' in config/app.php


Using the following code in your .htaccess file automatically redirects visitors to the HTTPS version of your site:

RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule ^(.*)$ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]


In your .env file, just use



For laravel 8, if you tried all of the above methods but got browser redirected you too many times error, please set proxies in TrustProxies middleware like the following:

  * The trusted proxies for this application.
  * @var array|string|null
protected $proxies = '*';