Two common issues when you use AWS or any other cloud Load Balancer:
HTTPS (Laravel asset and route): You applied SSL/TLS and the URL is protected in the browser but Laravel doesn't load your asset and throw an error. The error look like it blocks the URLS because of you are trying to load http URL http request. Most of the people facing this issue when use AWS or any other cloud Load Balancer. When running your applications behind a load balancer that terminates TLS / SSL certificates, you may notice your application sometimes does not generate HTTPS links when using the url helper. Typically this is because your application is being forwarded traffic from your load balancer on port 80 and does not know it should generate secure links.
IP: Another issue is IP issue. You can't get the user/visitor IP and it returns always server IP. This issue also happen because of proxies.
Solution: When you are using AWS or any cloud Load Balancer then you may not know the exact IP address of your actual Loads Balancer so should allow all proxies like below example.
Use * to allow trust all proxies in your TrustProxies middleware. Here is your middleware app/Http/Middlewares/TrustProxies.php.
namespace App\Http\Middleware;
use Fideloper\Proxy\TrustProxies as Middleware;
use Illuminate\Http\Request;
class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var string|array
*/
protected $proxies = '*';
/**
* The headers that should be used to detect proxies.
*
* @var int
*/
protected $headers = Request::HEADER_X_FORWARDED_FOR | Request::HEADER_X_FORWARDED_HOST | Request::HEADER_X_FORWARDED_PORT | Request::HEADER_X_FORWARDED_PROTO;
If you are using AWS Elastic Load Balancing, your $headers value should be Request::HEADER_X_FORWARDED_AWS_ELB. For more information on the constants that may be used in the $headers property, check out Symfony's documentation on trusting proxies.
namespace App\Http\Middleware;
use Fideloper\Proxy\TrustProxies as Middleware;
use Illuminate\Http\Request;
class TrustProxies extends Middleware
{
/**
* The trusted proxies for this application.
*
* @var array|string
*/
protected $proxies = '*';
/**
* The headers that should be used to detect proxies.
*
* @var int
*/
protected $headers = Request::HEADER_X_FORWARDED_AWS_ELB;
I think it solves your HTTPS, IP and other proxy related issue. To read more details read Laravel doc.
Solution 2 : There are another way to allow https by forcing in your AppServiceProvider or Create a new middleware to implement this. In my code snippet I decide to use AppServiceProvider because easy to implement. Open app/Providers/AppServiceProvider.php in any text editor and write $this->app['request']->server->set('HTTPS', true);. You may extra check that APP in production mode.
if(request()->getRequestUri() != '/health' && $this->app->environment('production')) {
$this->app['request']->server->set('HTTPS', true);
}
request()->getRequestUri() != '/health' used for health check of AWS ALB security group because it doesn't support https.
- You may use
URL::forceScheme('https') to force asset url as https.
Last solution 2 and 3 only for assets, https, and url() but won't for real IP. So I recommend use First solution because it works for all cases. If you don't want to allow proxies then Solution 2 is the most effective.
If you face any other issue or need improvements comments below.
Good luck. Enjoy!
