node package manager
Don’t reinvent the wheel. Reuse code within your team. Create a free org »



Redirect users on plain HTTP connections to HTTPS. For Express apps.


app.use(require('force-secure')) Make sure to put it before any other middleware, especially app.router!


If you're behind a reverse proxy or load balancer (such as on the awesome Nodejitsu PaaS), you'll have to tell Express to trust the proxy's X-Forwarded-Proto header. app.enable('trust proxy')

If you're not using Express, you can use the trust-proxy middleware for this.