{"id":13678393,"url":"https://github.com/mehdibo/Codeigniter-SSLHook","last_synced_at":"2025-04-29T13:30:44.688Z","repository":{"id":144689788,"uuid":"129001988","full_name":"mehdibo/Codeigniter-SSLHook","owner":"mehdibo","description":"Appropriate headers and redirection for SSL websites","archived":true,"fork":false,"pushed_at":"2021-12-06T11:45:07.000Z","size":8,"stargazers_count":22,"open_issues_count":0,"forks_count":6,"subscribers_count":4,"default_branch":"master","last_synced_at":"2024-02-15T10:37:16.340Z","etag":null,"topics":["codeigniter","headers","hooks","security","ssl","ssl-support"],"latest_commit_sha":null,"homepage":null,"language":"PHP","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/mehdibo.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2018-04-10T22:25:45.000Z","updated_at":"2023-01-28T04:56:58.000Z","dependencies_parsed_at":null,"dependency_job_id":"fb0d3287-3bf4-4a97-822c-a00ff8cbf819","html_url":"https://github.com/mehdibo/Codeigniter-SSLHook","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mehdibo%2FCodeigniter-SSLHook","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mehdibo%2FCodeigniter-SSLHook/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mehdibo%2FCodeigniter-SSLHook/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/mehdibo%2FCodeigniter-SSLHook/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/mehdibo","download_url":"https://codeload.github.com/mehdibo/Codeigniter-SSLHook/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":251509393,"owners_count":21600626,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["codeigniter","headers","hooks","security","ssl","ssl-support"],"created_at":"2024-08-02T13:00:53.085Z","updated_at":"2025-04-29T13:30:43.063Z","avatar_url":"https://github.com/mehdibo.png","language":"PHP","readme":"\u003e :warning:  I no longer maintaing this project, if you have access to the server add these headers and redirections early on before the request even reaches the application \n\nCodeigniter-SSLHook\n============================\n\nThis hook will automatically redirect to the HTTPS version of your website and set the appropriate headers.\n\n\nInstallation\n-----------------\nMake sure your `base_url` starts with `https`\n\nCopy `/application/config/hooks.php`  into your `application`'s folder.\nIf you have other hooks copy the content of `/application/config/hooks.php` to your `hooks.php` file.\n\nEnable hooks by modifying your `/application/config/config.php`, set `enable_hooks` to `TRUE`:\n```php\n/*\n|--------------------------------------------------------------------------\n| Enable/Disable System Hooks\n|--------------------------------------------------------------------------\n|\n| If you would like to use the 'hooks' feature you must enable it by\n| setting this variable to TRUE (boolean).  See the user guide for details.\n|\n*/\n$config['enable_hooks'] = TRUE;\n```\n\nHow does it work?\n-----------------\nThe hook will:\n- Redirect to the HTTPS version if accessed from a non-secure connection.\n- Make cookies only accessible via HTTPS (no JavaScript)\n- Set the following headers:\n  -  `Strict-Transport-Security: max-age=2629800`\n  -  `X-Content-Type-Options: nosniff`\n  -  `Referrer-Policy: strict-origin`\n  -  `X-Frame-Options: DENY`\n  -  `X-XSS-Protection: 1; mode=block`\n","funding_links":[],"categories":["Hooks","Uncategorized"],"sub_categories":["Uncategorized"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmehdibo%2FCodeigniter-SSLHook","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmehdibo%2FCodeigniter-SSLHook","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmehdibo%2FCodeigniter-SSLHook/lists"}