How to enable https¶
There are two ways to enable HTTPS:
Configuring routes¶
If you want to secure some routes and make sure that they are always accessed via the HTTPS protocol,
you can add the schemes
parameter to the app/config/routing.yml
file.
1 2 3 4 5 | # app/config/routing.yml
acme_secure:
resource: .
type: oro_auto
schemes: [https]
|
Configuring security config¶
As an alternative, you have to add the requires_channel
option to the app/config/security.yml
file:
1 2 3 4 5 6 7 | # app/config/security.yml
# ...
access_control:
# ...
- { path: ^/acme, roles: ROLE_ADMIN, requires_channel: https}
# ...
|
This method is better suited for cases when you need to secure certain URLs or sections of your website (URLs starting with some prefix, etc.)