Ensure that your Amazon Application Load Balancers (ALBs) are configured to redirect HTTP traffic (port 80) to HTTPS (port 443) in order to follow security best practices and meet compliance requirements.
This rule can help you work with the AWS Well-Architected Framework.
This rule resolution is part of the Conformity Security & Compliance tool for AWS.
Redirecting HTTP traffic to HTTPS within your Application Load Balancer (ALB) listeners' configuration simplifies deployments while benefiting from the scale, the availability, and the reliability of Amazon Elastic Load Balancing. The ALB's capability to redirect HTTP requests to HTTPS allows you to meet your compliance goal of secure browsing and achieve better search ranking and high SSL/TLS score for your websites/web applications.
To determine if your Application Load Balancers (ALBs) are configured to redirect HTTP traffic to HTTPS, perform the following operations:
Remediation / Resolution
To configure your existing Amazon Application Load Balancers (ALBs) to redirect HTTP traffic to HTTPS, perform the following operations:
- AWS Documentation
- Application Load Balancers
- Listeners for your Application Load Balancers
- How can I redirect HTTP requests to HTTPS using an Application Load Balancer?
- AWS Command Line Interface (CLI) Documentation
Unlock the Remediation Steps
Free 30-day Trial
Automatically audit your configurations with Conformity
and gain access to our cloud security platform.
You are auditing:
Enable HTTP to HTTPS Redirect for Application Load Balancers
Risk level: High