When managing a Moodle site, there are reasons to make the entire Moodle site work on an https:// connection. This will make all data transmitted over the site to be encrypted on an SSL connection. To achieve this, the Moodle config.php file will need to be edited and the .htaccess will need to have a redirect set up to force the https:// to load. The following tutorial will explain how to force Moodle 2.3 to work over an SSL connection.
Forcing SSL on https for Moodle
- Log into cPanel
Navigate to the config.php file in the File manager.
Look for the line 17 (on default config files) that shows:
$CFG->wwwroot = 'https://example.com';
Change the https:// to https:// like the following:
$CFG->wwwroot = 'https://example.com';
Next, Set up a redirect in your .htaccess file. Place the following code to force the https:// redirect.
RewriteEngine On RewriteCond %{SERVER_PORT} 80 RewriteRule ^(.*)$ https://www.example.com/$1 [R,L]Save the .htaccess file.
This concludes the article on Forcing Moodle 2.3 to work over SSL. For more information on this Education course please visit Moodle site security and server settings
Hi,
your post is informative.
In case if the moodle site is a subsite which is not a root site then how should the redirect code look like.
Thanks
Hello Das,
What do you mean a subsite? Did you mean a subdomain like ‘moodle.example.com‘? If so, the SSL would need to have been created with that in mind. The code would be almost identical, simply replacing example.com with subdomain.example.com
Kindest Regards,
Scott M