1

I have a rails app on 2 EC2 Instances running nginx behind an Amazon Elastic Load Balancer. I'd like to force HTTPS, which was working fine before I added in the Load Balancer. Now I can't quite figure out how to do it.

My load balancer has 2 listeners: 80 to 80 and 443 to 80 (with an ssl cert).

I tried adding the following rewrite rule to the nginx config, but it didn't seem to work:

if ($http_x_forwarded_proto != 'https') { rewrite ^(.*) https://$host$1 permanent; }

Any help would be greatly appreciated!

Improve this question
2
  • 2
    You'll probably have an easier time if you forward 443 to 443. Commented Jan 9, 2013 at 15:33
  • You know, I had already tried that and got an error. So I tried again and realized what I did incorrectly last time: I typed in port 443 but didn't actually select https from the "Instance Protocol" drop-down. This fixed it - thanks! Commented Jan 9, 2013 at 17:55

1 Answer 1

Reset to default
0

we've been able to solve this doing the following:

Keep your ELB configured as stated (listening on boty 80 and 443, and forwarding traffic to instances on port 80)

Then in application_controller.rb do something similar to:

class ApplicationController < ActionController::Base force_ssl if: :ssl_required? # rest of your code here private def ssl_required? # If we came in through the load-balancer, this header will be present if request.headers['X-Forwarded-Proto'].present? && !request.ssl? return true end return false end end
Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.