When using https with an AWS ELB the normal redirect of http requests to https can cause a redirect loop. We have to look at the request, make sure it’s not already https.
The Amazon Elastic Load Balancer (ELB) supports a HTTP header called X-FORWARDED-PROTO. All the HTTPS requests going through the ELB will have the value of X-FORWARDED-PROTO equal to “HTTPS“. For the HTTP requests, you can force HTTPS by adding a simple rewrite rule, as follows:
1. Nginx
In your nginx site config file check if the value of X_FORWARDED_PROTO is https, if not, rewrite it:
server { listen 80; .... location / { if ($http_x_forwarded_proto != 'https') { rewrite ^ https://$host$request_uri? permanent; } .... } }
2. Apache
Same goes for Apache, add this rewrite rule to your site’s config file: (Centos location /etc/httpd/conf.d/)
<VirtualHost *:80> ... RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} ... </VirtualHost>
3. IIS Windows
Install IIS Url- Rewrite module, using the configuration GUI add these settings
<rewrite xdt:Transform="Insert"> <rules> <rule name="HTTPS rewrite behind ELB rule" stopProcessing="true"> <match url="^(.*)$" ignoreCase="false" /> <conditions> <add input="{HTTP_X_FORWARDED_PROTO}" pattern="^http$" ignoreCase="false" /> </conditions> <action type="Redirect" redirectType="Found" url="https://{SERVER_NAME}{URL}" /> </rule> </rules> </rewrite>