Ensure that your Amazon Application Load Balancers (ALBs) are configured to redirect HTTP traffic (port 80) to HTTPS (port 443) in order to follow security best practices and meet compliance requirements.
This rule can help you work with the AWS Well-Architected Framework
This rule resolution is part of the Cloud Conformity Security & Compliance tool for AWS
Redirecting HTTP traffic to HTTPS within your Application Load Balancer (ALB) listeners' configuration simplifies deployments while benefiting from the scale, the availability, and the reliability of Amazon Elastic Load Balancing. The ALB's capability to redirect HTTP requests to HTTPS allows you to meet your compliance goal of secure browsing and achieve better search ranking and high SSL/TLS score for your websites/web applications.
To determine if your Application Load Balancers (ALBs) are configured to redirect HTTP traffic to HTTPS, perform the following operations:
Remediation / Resolution
To configure your existing Amazon Application Load Balancers (ALBs) to redirect HTTP traffic to HTTPS, perform the following operations:
- AWS Documentation
- Application Load Balancers
- Listeners for your Application Load Balancers
- How can I redirect HTTP requests to HTTPS using an Application Load Balancer?
- AWS Command Line Interface (CLI) Documentation
Unlock the Remediation Steps
Gain free unlimited access
to our full Knowledge Base
Over 750 rules & best practices
Get started for FREE
You are auditing:
Enable HTTP to HTTPS Redirect for Application Load Balancers
Risk level: High