On AWS Ec2 instances, your web server is listening on port 80 to accept HTTP connections. Afterward, you configured the Amazon Elastic Load Balancer (ELB) to listen for HTTP and HTTPS traffic and forward all requests to the backend server on port 80 only. The Amazon Elastic Load Balancer (ELB) supports the X-Forwarded-Proto header value, which includes the protocol of the application.
The X-Forwarded-Proto header value of the HTTP request is used in this tutorial, and the rewrite rules are applied if the client protocol is not HTTPS. Here is how to force a redirect to HTTPS behind AWS ELB using Apache, Nginx, or IIS web servers.
1. Apache
Edit the Apache VirtualHost configuration file in a text editor and add the following content. Make sure the rewrite module is enabled in the Apache server.
RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI}
2. Nginx
Edit Nginx HTTP server block for your domain to configure force redirection. Add the following content under the location block to redirect all HTTP traffic to the HTTPS.
location / {
if ($http_x_forwarded_proto != 'https') {
rewrite ^ https://$host$request_uri? permanent;
}
3. IIS
The windows servers with IIS web server edit the web.config file and add the following code under the
<rewrite>
<rules>
<rule name="AWS ELB Forece Redirect to HTTPS" stopProcessing="true">
<match url="^(.*)$" ignoreCase="false" />
<conditions>
<add input="{HTTP_X_FORWARDED_PROTO}" pattern="^http$" ignoreCase="false" />
</conditions>
<action type="Redirect" redirectType="Found" url="https://{HTTP_HOST}{REQUEST_URI}" />
</rule>
</rules>
</rewrite>
Conclusion
If you have an AWS application and are using an AWS load balancer, this blog post will show you how you can redirect all traffic coming to your EC2 instances over HTTPS (and not just on port 443).