All Products
Search
Document Center

Server Load Balancer:Redirect HTTP requests to an HTTPS listener

Last Updated:Nov 16, 2023

HTTPS is a protocol used to secure data transmission. After you upgrade from HTTP to HTTPS, you can redirect HTTP requests to HTTPS listeners without modifications on the user side.

Prerequisites

  • An ALB instance is created. An HTTP listener and an HTTPS listener are added to the ALB instance. The HTTPS listener uses port 443. For more information, see the following topics:

  • An Elastic Compute Service (ECS) instance is created to send HTTP requests. The ECS instance and the ALB instance are in the same VPC.

Redirect HTTP requests to HTTPS ports

You can create a forwarding rule to redirect HTTP requests to an HTTPS port, which is port 443.

  1. Log on to the ALB console.
  2. In the top navigation bar, select the region where the ALB instance is deployed.

  3. On the Instances page, click the ID of the ALB instance that you want to manage.

  4. On the Listener tab, find the HTTP listener and click View/Modify Forwarding Rule in the Actions column.

  5. On the Forwarding Rules tab, click Add New Rule.

  6. In the Add Forwarding Rules section, specify Name and the following parameters and click OK.

    Condition

    Description

    If (Match All Conditions):

    Select Path. In this example, /* is entered.

    Action

    Select Redirect.

    • Protocol: HTTPS is selected in this example.

    • Domain Name: Use the default value ${host}.

    • Port: Enter the port number of the HTTPS listener. In this example, the value is set to 443.

    • Path: Use the default value ${path}.

    • Query: Use the default value ${query}.

    • Status Code: 301 is used in this example.

  7. On the Forwarding Rules tab, you can drag the forwarding rule that you created to the top of the list and click Save Priority Changes in the upper-right corner to assign the highest priority to the forwarding rule.

    If the forwarding rule is already listed on the top of the list, skip this step.

    After you configure the forwarding rule, HTTP requests are redirected to port 443, which is the HTTPS port.

  8. Remotely log on to the ECS instance and run the command curl -v http://<ALB domain name> to test whether HTTP requests from the ECS instance can be redirected to the HTTPS port of the ALB instance. For more information about how to remotely log on to an ECS instance, see Connection methods.

    The following figure shows that the HTTP 301 status code is returned, which indicates that HTTP requests destined for the ALB instance are redirected to the HTTPS port.基于路径转发结果验证

Redirect requests based on HTTP headers

You can configure the redirect action to redirect whose Accept-Language header value is zh-CN,zh and are destined for the ALB domain name to the domain name https://www.example.com.

  1. Log on to the ALB console.
  2. In the top navigation bar, select the region where the ALB instance is deployed.

  3. On the Instances page, click the ID of the ALB instance that you want to manage.

  4. On the Listener tab, find the HTTP listener and click View/Modify Forwarding Rule in the Actions column.

  5. On the Forwarding Rules tab, click Add New Rule.

  6. In the Add Forwarding Rules section, specify Name and the following parameters and click OK.

    Condition

    Description

    If (Match All Conditions):

    Select HTTP Header.

    • Key: In this example, Accept-Language is entered.

    • Value: In this example, zh-CN,zh is entered.

    Action

    Select Redirect.

    • Protocol: HTTPS is selected in this example.

    • Domain Name: In this example, www.example.com is entered.

    • Port: Enter the port number of the HTTPS listener. In this example, the value is set to 443.

    • Path: Use the default value ${path}.

    • Query: Use the default value ${query}.

    • Status Code: In this example, 302 is selected.

  7. On the Forwarding Rules tab, you can drag the forwarding rule that you created to the top of the list and click Save Priority Changes in the upper-right corner to assign the highest priority to the forwarding rule.

    If the forwarding rule is already listed on the top of the list, skip this step.

    After you configure the redirect action, requests whose Accept-Language header value is zh-CN,zh and are destined for the ALB domain name are redirected to the domain name https://www.example.com.

  8. Remotely log on to the ECS instance and run the command curl -H "Accept-Language: zh-CN,zh" <ALB domain name> to test whether HTTP requests from the ECS instance can be redirected to the domain name https://www.example.com.

    The following figure shows that the HTTP 302 status code is returned, which indicates that HTTP requests destined for the ALB instance are redirected to the domain name https://www.example.com.基于HTTP标头重定向

Status codes for redirects

The default HTTP status code for ALB redirects is 301. You can specify an HTTP status code as needed. The following table describes the HTTP status codes supported by ALB.

HTTP status code

Description

301

Indicates a permanent redirect. The requested resource is permanently moved to the new URL. We recommend that all requests from clients use the new URL.

302

Indicates a temporary redirect. The requested resource is temporarily moved. The clients can continue to use the original URL.

303

Similar to 302. POST requests are redirected to GET requests.

307

Similar to 302. POST requests are not redirected to GET requests.

308

Similar to 301. POST requests are not redirected to GET requests.

References

Manage forwarding rules for a listener