AWS Elastic Beanstalk
Developer Guide

Configuring HTTP to HTTPS Redirection

In Configuring HTTPS for Your Elastic Beanstalk Environment and its subtopics, we discuss configuring your Elastic Beanstalk environment to use HTTPS to ensure traffic encryption into your application. This topic describes how to elegantly handle HTTP traffic to your application if end users still initiate it. You do this by configuring HTTP to HTTPS redirection, sometimes referred to as forcing HTTPS.

To configure redirection, you first configure your environment to handle HTTPS traffic. Then you configure the web servers on the environment's instances to redirect HTTP traffic to HTTPS by responding with an HTTP redirection response status.

To configure HTTP to HTTPS redirection

  1. Do one of the following:

  2. Configure your Amazon Elastic Compute Cloud (Amazon EC2) instances to redirect HTTP traffic to HTTPS. This configuration depends on your environment's platform. Find the folder for your platform in the https-redirect collection on GitHub, and use the example configuration file in that folder.

If your environment uses Elastic Load Balancing health checks, the load balancer expects a healthy instance to respond to the HTTP health check messages with HTTP 200 (OK) responses. Therefore, your web server shouldn't redirect these messages to HTTPS. The example configuration files in https-redirect handle this requirement correctly.