Menu
I have a simple containerized web app (Nginx serving HTML and Javascript) that I deployed to Google Cloud Run.
The problem is, I can't seem to force HTTPS connections even though I already verified and updated the DNS records to do so. A user can still access the unsecured http endpoint of my Cloud Run application if they wanted to.
How to set up a Google Cloud Run service that forces or redirects users to use HTTPS?
735
No, you cannot redirect HTTP to HTTPS at the DNS level. This is something you have to configure on your web server (because it manages the protocol). If you don't have access to your web server, you will need to contact your web hosting provider.
Select a load balancer, and then choose HTTP Listener. Under Rules, choose View/edit rules. Choose Edit Rule to modify the existing default rule to redirect all HTTP requests to HTTPS. Or, insert a rule between the existing rules (if appropriate for your use case).
The LB sends a header called X-Forwarded-Proto that contains either http or https so you can easily redirect with 301 Moved Permanently in case you detect that.
Sample for the edited question with Nginx: http://scottwb.com/blog/2013/10/28/always-on-https-with-nginx-behind-an-elb/
Example Go code:
func main() {
http.HandleFunc("/", func(writer http.ResponseWriter, request *http.Request) {
if request.Header["X-Forwarded-Proto"][0] == "http" {
http.Redirect(writer, request, "https://" + request.Host + request.RequestURI, http.StatusMovedPermanently)
return
}
fmt.Printf("Request: %+v, headers: %+v \n", request, request.Header)
writer.Write([]byte("hello world"))
})
http.ListenAndServe(":"+os.Getenv("PORT"), nil)
}
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
