Skip to main content

Laravel: This form is not secure

· One min read
Samuel Iheadindu

This form is not secure, autofill has been turned off

Have you ever been frustrated with the the situation in the topic above? In my case, we have an nginx reverse proxy with ssl certificate which has configuration that points to each internal application exposed through the reverse proxy. The ssl certificate of the reverse proxy ought to cover for all the applications exposed through it, so that we don’t need to generate ssl certificate for each application.

Here is a simple solution in laravel! Locate your AppServiceProvider in the folder path: /apps/Providers/AppServiceProvider.php

In the boot method of the app service provider, paste the following code:

if($this->app->environment('production')) {

Save your code and exit

Open your .env file and make sure that APP_ENV variable is set to production APP_ENV=production

With this, your application should force your code to use the ssl certificate of the reverse proxy.


The nginx reverse proxy server should be using wildcard ssl certificate for this whole setting to work properly.