Rule: ELB Application Load Balancers Redirect HTTP to HTTPS

This rule ensures that ELB Application Load Balancers redirect HTTP requests to HTTPS for security compliance.

Rule: ELB application load balancers should redirect HTTP requests to HTTPS
Framework: NIST 800-53 Revision 5
Severity: Medium

Rule Description:

The rule states that all HTTP requests to Elastic Load Balancer (ELB) application load balancers should be redirected to HTTPS. This is in accordance with the NIST 800-53 Revision 5 security requirement to enforce secure communication protocols.

Enforcing HTTPS ensures that data transmitted between the client and the server is encrypted and secure, protecting sensitive information and preventing unauthorized access.

Troubleshooting Steps:

  1. Check ELB Configuration: Validate that the ELB application load balancer is properly configured to handle both HTTP and HTTPS traffic.
  2. Verify Listener Configuration: Ensure that the listener for port 80 (HTTP) is configured to redirect traffic to port 443 (HTTPS).
  3. Check SSL Certificate: Make sure that a valid SSL certificate is configured for the ELB and properly associated with the listener for port 443 (HTTPS).

Code Samples:

None

Remediation:

To enforce the redirection of HTTP to HTTPS on an ELB application load balancer, follow these step-by-step instructions:

  1. Open the AWS Management Console and navigate to the EC2 service.
  2. Click on "Load Balancers" in the left-hand menu.
  3. Select the ELB application load balancer for which you want to enable the redirection.
  4. In the "Description" tab, locate the "Listeners" section and click on "View/edit rules".
  5. Scroll down to the listener for port 80 (HTTP) and click on the "Edit" button.
  6. In the "Rule actions" section, click on the "+" button to add a new action.
  7. Select "Redirect to" from the drop-down menu.
  8. In the "Redirect to" section, select "HTTPS" from the protocol drop-down menu.
  9. Set the port to "443" (or the appropriate HTTPS port).
  10. Click on the "Save" button to apply the changes.
  11. Test the redirection by accessing the ELB using HTTP (e.g., http://example.com) and verify that it automatically redirects to HTTPS (e.g., https://example.com).

Note: It is necessary to have a valid SSL certificate configured for the ELB and associated with the listener for port 443 (HTTPS) in order for the redirection to work as intended.

By following these steps, you ensure that all HTTP requests to the ELB application load balancer are automatically redirected to the secure HTTPS protocol, helping to meet the NIST 800-53 Revision 5 security requirement.
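The listener and certificate checks from the troubleshooting steps can also be run offline against saved listener data. The following is an added example, not code from the original page: `audit_listeners` is a hypothetical helper that assumes its input is the `Listeners` array of one load balancer as returned by `aws elbv2 describe-listeners`, and every ARN in the sample is constructed.

```python
# Added example: offline audit of listener descriptions shaped like the
# "Listeners" array from `aws elbv2 describe-listeners` (one load balancer).

def audit_listeners(listeners):
    """Return (listener_arn, finding) pairs for non-compliant HTTP listeners."""
    findings = []
    # Ports served by an HTTPS listener that has at least one certificate.
    https_ports = {
        str(lst["Port"]) for lst in listeners
        if lst.get("Protocol") == "HTTPS" and lst.get("Certificates")
    }
    for lst in listeners:
        if lst.get("Protocol") != "HTTP":
            continue
        arn = lst["ListenerArn"]
        redirects = [a.get("RedirectConfig", {}) for a in lst.get("DefaultActions", [])
                     if a.get("Type") == "redirect"]
        if not redirects:
            findings.append((arn, "HTTP listener has no redirect default action"))
            continue
        cfg = redirects[0]
        # "#{protocol}" keeps the request's scheme, so it is not an HTTPS redirect.
        if cfg.get("Protocol") != "HTTPS":
            findings.append((arn, "redirect does not switch protocol to HTTPS"))
        elif cfg.get("Port") not in https_ports:
            findings.append((arn, "redirect target port has no HTTPS listener with a certificate"))
    return findings

# Constructed sample data; the ARNs are placeholders, not real resources.
SAMPLE = [
    {"ListenerArn": "arn:example:listener/https-443", "Port": 443, "Protocol": "HTTPS",
     "Certificates": [{"CertificateArn": "arn:example:certificate/placeholder"}],
     "DefaultActions": [{"Type": "forward"}]},
    {"ListenerArn": "arn:example:listener/good-80", "Port": 80, "Protocol": "HTTP",
     "DefaultActions": [{"Type": "redirect", "RedirectConfig": {
         "Protocol": "HTTPS", "Port": "443", "StatusCode": "HTTP_301"}}]},
    {"ListenerArn": "arn:example:listener/forward-8080", "Port": 8080, "Protocol": "HTTP",
     "DefaultActions": [{"Type": "forward"}]},
    {"ListenerArn": "arn:example:listener/same-proto-8081", "Port": 8081, "Protocol": "HTTP",
     "DefaultActions": [{"Type": "redirect", "RedirectConfig": {
         "Protocol": "#{protocol}", "Port": "443", "StatusCode": "HTTP_302"}}]},
]

if __name__ == "__main__":
    for arn, finding in audit_listeners(SAMPLE):
        print(f"{arn}: {finding}")
```

Only each listener's default action is inspected here; rules added on top of the default action are outside what this check covers.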
