HTTPS is a protocol used to secure data transmission. After you upgrade from HTTP to HTTPS, you can redirect HTTP requests to HTTPS listeners without modifications on the user side.
Prerequisites
An ALB instance is created. An HTTP listener and an HTTPS listener are added to the ALB instance. The HTTPS listener uses port 443. For more information, see the following topics:
An Elastic Compute Service (ECS) instance is created to send HTTP requests. The ECS instance and the ALB instance are in the same VPC.
Redirect HTTP requests to HTTPS ports
You can create a forwarding rule to redirect HTTP requests to an HTTPS port, which is port 443.
- Log on to the ALB console.
In the top navigation bar, select the region where the ALB instance is deployed.
On the Instances page, click the ID of the ALB instance that you want to manage.
On the Listener tab, find the HTTP listener and click View/Modify Forwarding Rule in the Actions column.
On the Forwarding Rules tab, click Add New Rule.
In the Add Forwarding Rules section, specify Name and the following parameters and click OK.
Condition
Description
If (Match All Conditions):
Select Path. In this example, /* is entered.
Action
Select Redirect.
Protocol: HTTPS is selected in this example.
Domain Name: Use the default value ${host}.
Port: Enter the port number of the HTTPS listener. In this example, the value is set to 443.
Path: Use the default value ${path}.
Query: Use the default value ${query}.
Status Code: 301 is used in this example.
On the Forwarding Rules tab, you can drag the forwarding rule that you created to the top of the list and click Save Priority Changes in the upper-right corner to assign the highest priority to the forwarding rule.
If the forwarding rule is already listed on the top of the list, skip this step.
After you configure the forwarding rule, HTTP requests are redirected to port 443, which is the HTTPS port.
Remotely log on to the ECS instance and run the command
curl -v http://<ALB domain name>
to test whether HTTP requests from the ECS instance can be redirected to the HTTPS port of the ALB instance. For more information about how to remotely log on to an ECS instance, see Connection methods.The following figure shows that the HTTP 301 status code is returned, which indicates that HTTP requests destined for the ALB instance are redirected to the HTTPS port.
Redirect requests based on HTTP headers
You can configure the redirect action to redirect whose Accept-Language header value is zh-CN,zh and are destined for the ALB domain name to the domain name https://www.example.com.
- Log on to the ALB console.
In the top navigation bar, select the region where the ALB instance is deployed.
On the Instances page, click the ID of the ALB instance that you want to manage.
On the Listener tab, find the HTTP listener and click View/Modify Forwarding Rule in the Actions column.
On the Forwarding Rules tab, click Add New Rule.
In the Add Forwarding Rules section, specify Name and the following parameters and click OK.
Condition
Description
If (Match All Conditions):
Select HTTP Header.
Key: In this example, Accept-Language is entered.
Value: In this example, zh-CN,zh is entered.
Action
Select Redirect.
Protocol: HTTPS is selected in this example.
Domain Name: In this example, www.example.com is entered.
Port: Enter the port number of the HTTPS listener. In this example, the value is set to 443.
Path: Use the default value ${path}.
Query: Use the default value ${query}.
Status Code: In this example, 302 is selected.
On the Forwarding Rules tab, you can drag the forwarding rule that you created to the top of the list and click Save Priority Changes in the upper-right corner to assign the highest priority to the forwarding rule.
If the forwarding rule is already listed on the top of the list, skip this step.
After you configure the redirect action, requests whose Accept-Language header value is zh-CN,zh and are destined for the ALB domain name are redirected to the domain name https://www.example.com.
Remotely log on to the ECS instance and run the command
curl -H "Accept-Language: zh-CN,zh" <ALB domain name>
to test whether HTTP requests from the ECS instance can be redirected to the domain name https://www.example.com.The following figure shows that the HTTP 302 status code is returned, which indicates that HTTP requests destined for the ALB instance are redirected to the domain name https://www.example.com.
Status codes for redirects
The default HTTP status code for ALB redirects is 301. You can specify an HTTP status code as needed. The following table describes the HTTP status codes supported by ALB.
HTTP status code | Description |
301 | Indicates a permanent redirect. The requested resource is permanently moved to the new URL. We recommend that all requests from clients use the new URL. |
302 | Indicates a temporary redirect. The requested resource is temporarily moved. The clients can continue to use the original URL. |
303 | Similar to 302. POST requests are redirected to GET requests. |
307 | Similar to 302. POST requests are not redirected to GET requests. |
308 | Similar to 301. POST requests are not redirected to GET requests. |