Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Force HTTP to HTTPS through an AWS EC2 load-balancer

Tags:

php

ssl

.htaccess

amazon-web-services

amazon-ec2

We have an AWS EC2 load-balancer and it has SSL certificate installed on it. But the servers in the pool are still running on port 80 and non-SSL protocol.

The issue is that i do not have access to the load-balancer, but i still have to route the non-SSL traffic to secure HTTPS. I tried adding following in the htaccess but it did not work and understandable that is because the servers are still running on HTTP.

RewriteCond %{HTTPS} !=on
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

I tried the same thing in PHP code, that did not work either.

if (!isset($_SERVER['HTTPS']) || $_SERVER['HTTPS'] != "on") {
        $url = "https://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
        redirect($url);
        exit;
    }

So, i get that servers are still running on HTTP and the certificate is only applied on load-balancer. What would be the best solution to forc such redirect in this scenario. One solution i could think of is parsing URL in the code to see if it has http:// in there and redirect. This might work but i dont really think it as a clean and final solution. Is there a way AWS EC2 can redirect in such manner? I am not familiar with AWS EC2.

Also, are there any server parameters that might suggest that the server is running on port 80 but the HTTPS is still on?

like image 476
xmaestro Avatar asked Mar 15 '23 00:03

xmaestro

2 Answers

I was able to find a solution in AWS docs here.

It says that AWS load-balancer forwards following server vars to the pool.

X-Forwarded-Proto specifies the protocol (“http” or “https”) of the original request made to the Elastic Load Balancer.
X-Forwarded-Port specifies the port of the original request.

So, since we are using AWS EC2, it solves the problem but be careful using in case you are using some other environment since they might not be present there.

The complete code is:

if(isset($_SERVER['HTTP_X_FORWARDED_PROTO'])){

        if ($_SERVER['HTTP_X_FORWARDED_PROTO']=="http") {
            $url = "https://" . $_SERVER['SERVER_NAME'] . $_SERVER['REQUEST_URI'];
            redirect($url);
            exit;
        }

    }
like image 146
xmaestro Avatar answered Mar 23 '23 08:03

xmaestro

Use the following rule:

RewriteCond %{HTTP:X-Forwarded-Proto} !https
RewriteCond %{HTTPS} off
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301,NE]
like image 27
Ravi Shanker Avatar answered Mar 23 '23 08:03

Ravi Shanker
Sign in to Comment

Related questions

Macports switch PHP CLI version
Bad Request (#400) in Yii2 when trying to login
Namespace declaration statement has to be the very first statement in the script
MySQL query and subquery
Laravel can't find class in namespace
Symfony2.7.1 fresh installation. Failed to load resource
Get Facebook multiple variations of Video ID from URL using RegEx in PHP
How to get JSON data from an API
Laravel Socialite 2.0 Facebook Authentication only returning id and name
Run a PHP script multiple times simultaneously linux command line
Render controller in TWIG and show form errors
How to run (or should I run) Composer on Openshift?
Open and close connection to db or keep it
Sign .mobileconfig on a PHP server
Creating custom helper class?
How to populate the modified_by with the user_id of who made the update to the record using laravel 5.1?
Laravel 5 Elixir: How to mix copy multiple files
Auto-populate site tree items for SilverStripe site
AJAX call not sending
How to get params in url , and it is array? yii2

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!