Rule: ELB Application Load Balancers Redirect HTTP to HTTPS

Rule Description:

Troubleshooting Steps:

2. 1.
   Verify that the ELB application load balancer is properly configured.
4. 2.
   Check the listener rules for the load balancer to ensure that HTTP traffic is redirected to HTTPS.
6. 3.
   Review the security group settings for the load balancer to ensure that both HTTP (port 80) and HTTPS (port 443) are allowed.
8. 4.
   Verify that the SSL certificate is correctly configured and associated with the load balancer.
10. 5.
    Test the HTTP to HTTPS redirection by accessing the load balancer's HTTP endpoint and checking if it automatically redirects to HTTPS.

Necessary Codes:

Step-by-Step Guide for Remediation:

2. 1.
   Open the AWS Management Console and navigate to the EC2 service.
4. 2.
   Click on "Load Balancers" in the left sidebar.
6. 3.
   Select the ELB application load balancer that needs to be configured for redirecting HTTP to HTTPS.
8. 4.
   Go to the "Listeners" tab and locate the HTTP listener (port 80).
10. 5.
    Click on the edit icon (pencil) next to the HTTP listener.
12. 6.
    In the "Edit Listener" dialog box, change the protocol to HTTPS and specify the SSL certificate that you want to use.
14. 7.
    Enable the HTTP to HTTPS redirection by enabling the "Redirect HTTP to HTTPS" option.
16. 8.
    Click on the "Save" button to apply the changes.
18. 9.
    Wait for the changes to propagate. It may take a few moments for the changes to take effect.
20. 10.
    Test the redirection by accessing the load balancer's HTTP endpoint (e.g., http://example.com) in a web browser. The request should automatically redirect to the HTTPS endpoint (e.g., https://example.com).