How to forward http request to https in Amazon Route53?
Solution 1
No, there is no way to do this -- because it's not a DNS function to force any particular protocol, or to push values from one protocol to another. You can do this easily enough at the web server level, either in Apache, or IIS, or NGINX.
In any of those cases, the A or CNAME value pointing a specific record to a specific address (whether an IP or another host name) is the same, it's just going to connect via port 80 or port 443.
In Apache, you can simply use a rewrite (enable mod_rewrite
first):
RewriteEngine On
RewriteCond %{SERVER_PORT} !^443$
RewriteRule (.*) https://www.host.com/$1 [R]
Solution 2
Just a quick update for this question. Whilst in answer to your question no, you can't use route 53 to force HTTPS, this would lead some people to believe that forcing https on AWS hosting wasn't possible.
You can create a SSL certificate in Certificate Manager(or import your own), host your website where ever(S3/EC2), you then need to setup a CloudFront distribution for your site and import your SSL certificate, you can then use the option Redirect HTTP to HTTPS
via the behavior tab in the CloudFront console.
Solution 3
2019 +
The @Jamaurice Holt solution led me to the way but was a bit short
Classic Load Balancer
This solution only work with application load balancer, not classic load balancer, but you can migrate to use a more recent app balancer in EC2 > Load balancers > your load balancer > migrate
Application Load Balancer
On the console go to EC2 > Load balancers > your load balancer > listeners
Here you should have 2 rules: HTTP : 80 and HTTPS : 443
You just have to:
-
edit the HTTP : 80 rule
-
remove the forward rule and add a redirect rule to port 443
Solution 4
I accomplished it using a (ELB) application load balancer and redirecting the traffic to port 443 in the ELB edit section. Of course I'm using an ec2 instance to host my application and website.
huzeyfe
I am a 10+ years experienced Software Developer. Main interests Java, Spring, JSF, Rest & Micro Services.
Updated on April 28, 2021Comments
-
huzeyfe about 3 years
I have a subdomain in Amazon Route53. Let's say secure.example.com
If requests come like
https://secure.example.com
it is ok but I would like to forcehttp
requests to come through https. When user typeshttp://secure.example.com
it needs to be forwarded tohttps://secure.example.com
.Is there a domain level redirecting/forwarding requests coming through
http
tohttps
inAmazon Route53
? -
callback over 5 yearsI tried this, but then I keep getting access denied in http requests (403). I had to Only because I have a Single page application, I could create custom Error response in the Error pages tab of the distribution, to redirect 403 to /index.html with 200 OK status.
-
Mrk Fldig over 5 yearsHey callback, that sounds like a permissions issue on your S3 bucket, did you select webhosting when you set it up and grant public access to all the objects?
-
Sean over 5 yearsThis is the right answer and should be marked as so. Top marks!
-
Sebastien Horin almost 5 yearsThe @Jamaurice Holt solution led me to the way but was a bit short so I posted a more complete
-
Adrian Lynch over 4 yearsWhat type of load balancer are you using?
-
erhanasikoglu over 4 yearsthis is Application Load Balancer
-
Lucky almost 4 yearsDo you really need a Load Balancer here? I get that it fixes the problem since Load Balancers have to use SSL certificates in order to do their job, but it still feels like a bit of an overkill in this scenario, especially if I only have one Ec2 instance. Also, Load Balancers aren't cost neutral.
-
Sebastien Horin almost 4 years@Lucky medium / heavy used apps need load balancers, you may not need it for smaller projects
-
Lucky almost 4 years@SebastienHorin That's precisely my point. If you have an infrastructure that already requires the implementation of a Load Balancer, this solution is perfect. But the original problem seemed to occur in a scenario, where a Load Balancer wasn't required to start with, hence it wouldn't make much sense to implement a Load Balancer, just to forward http requests to https. It's still a good solution, but not for every situation. This is to say that, as soon as you have more than one ec2 instance, this solution makes perfect sense, but not for lower numbers.
-
Shruti Kar almost 4 years@SebastienHorin I absolutely agree. As an alternative to LB, cloudfront makes more since in case of one instance. I have an elasticbeanstalk env on a spot instance, have a DNS for it and then created a cloudfront distribution for this DNS. This enables my application, which is a web2py application, to connect via https. I see the url getting https. But the application runs into errors while looking for a secure connection, meaning that the received connection is still http. It still doesn't make sense to me.
-
Shruti Kar almost 4 yearsAs an alternative to LB, cloudfront makes more since in case of one instance. I have an elasticbeanstalk env on a spot instance, have a DNS for it and then created a cloudfront distribution for this DNS. This enables my application, which is a web2py application, to connect via https. I see the url getting https. But the application runs into errors while looking for a secure connection, meaning that the received connection is still http. It still doesn't make sense to me.
-
Mrk Fldig almost 4 years@ShrutiKar in behaviors you can redirect http->https also your EC2 instance needs the certificate installed.
-
Mac_W almost 4 yearsgreat solution! In 2019 should be the selected answer.
-
Eric P almost 4 yearsAs @Lucky mentioned, AWS ELB load balancers cost $18/m. So, yes, ELB is definitely the easiest solution, but the most costly. If one is hosting a static site on S3 + Cloudfront providing the SSL (via AWS Certificate Manager) the cost could be as low as $0.50/m or less for a low traffic site.
-
user9437856 almost 4 yearsIs there any way to redirect HTTPS to HTTP on AWS EC2?
-
Neal Magee almost 4 years@user9437856 EC2 is only raw computing infrastructure, so the way to redirect HTTP to HTTPS (or vice versa) is to use either a web server (apache2, nginx, etc.) or an HTTP load balancer like HAproxy. If you're using an ELB in front of EC2 instance(s) then you can set it to redirect.