How do I force my application to use SSL/TLS?

Issue

You have configured an SSL endpoint and now you want your application to use https for all requests.

Resolution

Redirects need to be performed at the application level as the Heroku router does not provide this functionality. You should code the redirect logic into your application.

Rails

Use config.force_ssl = true in your config/environments/production.rb or similar.

Node (Express.js)

Use a package to set this up for your app. Some options can be found here: https://libraries.io/search?platforms=NPM&q=express+ssl

PHP

You can add directives to the .htaccess file at the root of your project to do this. See this SO post for an example https://stackoverflow.com/a/4399158