node package manager
Love JavaScript? Your insights can make it even better. Take the 2017 JavaScript Ecosystem Survey ยป



Redirect users on plain HTTP connections to HTTPS. For Express apps.


app.use(require('force-secure')) Make sure to put it before any other middleware, especially app.router!


If you're behind a reverse proxy or load balancer (such as on the awesome Nodejitsu PaaS), you'll have to tell Express to trust the proxy's X-Forwarded-Proto header. app.enable('trust proxy')

If you're not using Express, you can use the trust-proxy middleware for this.