settings.php – How to configure HTTPS and HSTS on Pantheon

We have a site on the pantheon and need to configure HSTS. We must first redirect to https://domain.com, then the HSTS header before redirecting to https://www.domain.com. We have tried that but can not make it work.

Our current settings.php file

start the code

`

/ **
* Load the service definition file.
* /
$ parameters[‘container_yamls’][] = DIR . & # 39; /services.yml&#39 ;;

/ **
* Include the Pantheon-specific parameter file.
*
* nb The settings.pantheon.php file makes some changes
* that affect all environments that this site
* exists in. Always include this file, even in
* a local development environment, to ensure that
* the site's parameters remain consistent.
* /
understand DIR . "/Settings.pantheon.php";

/ **
* If there is a local settings file, include it
* /
$ local_settings = DIR . "/Settings.local.php";
if (file_exists ($ local_settings)) {
include $ local_settings;
}
$ parameters[‘install_profile’] = & # 39 ;;

/ **
* Add pantheon.io code from https://pantheon.io/docs/domains/#redirect-to-https-and-the-primary-domain
* /

if (isset ($ _ ENV[‘PANTHEON_ENVIRONMENT’]) && php_sapi_name ()! = & # 39; cli & # 39;) {
// Redirect to https: // $ primary_domain in the live environment
if ($ _ENV[‘PANTHEON_ENVIRONMENT’] ===> live & # 39;) {
/ ** Replace www.example.com with your registered domain name * /
$ primary_domain = & # 39; www.domain.com & # 39 ;;
}
other {
// Redirect to HTTPS on each Pantheon environment.
$ primary_domain = $ _SERVER[‘HTTP_HOST’];
}

if ($ _SERVER[‘HTTP_HOST’] ! = $ primary_domain
|| ! isset ($ _ SERVER[‘HTTP_USER_AGENT_HTTPS’])
|| $ _SERVER[‘HTTP_USER_AGENT_HTTPS’] ! = & # 39; ON & # 39;) {

Name the transaction "redirection" in New Relic to improve the reports (optional)
if (extension_loaded (& # 39; newrelic & # 39;)) {
newrelic_name_transaction ("redirect");
}

header (& # 39; HTTP / 1.0 301 moved permanently & # 39;);
header (& # 39; Location: https: // $ .domain. $ _SERVER['REQUEST_URI'])
exit();

}
// Drupal Approved Host Settings 8
if (is_array ($ settings)) {
$ parameters[‘trusted_host_patterns’] = array (& # 39; ^; preg_quote ($ primary_domain). & # 39; $ & # 39;);
}
}

// remove ALL index.php queries
if (preg_match (& # 39; / ^ / index.php (. *) $ / & # 39 ;, $ _SERVER[‘REQUEST_URI’], $ corresponds)) {
header (& # 39; Location: https: //domain.com '. $ Matches1, TRUE, 301 & # 39;);
exit;
} `

end code