I have an ELB which in the first place was set to forward in this way:
Protocal Port Forward-Protocol Port Http 80 Http 80 Protocal Port Forward-Protocol Port Https 443 Https 443 Since I added my SSL certificate to the ELB and my EC2 instance is inside a private subnet, the AWS support engineer suggested to change https to forward to http as follow:
Protocal Port Forward-Protocol Port Http 80 Http 80 Protocal Port Forward-Protocol Port Https 443 Http 80 He said its a better practice since the ELB already doing everything need in the Https do there is no reason to add overhead to my instance as well.
The problem is that in my EC2 instance my folder structure is:
- /var/www/html - for regular http requests
- /var/www/secure - for secured https requests.
I want to force my site to do only Https requests so I want to use this code in my *.80 Virtual:
<VirtualHost *:80> ... #Force the https RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Proto} !https RewriteRule ^.*$ https://%{SERVER_NAME}%{REQUEST_URI} RewriteEngine On RewriteCond %{HTTP:X-Forwarded-Proto} https #Here i need a rule to change the document root. ... </VirtualHost> My problem with this code is that it will transfer the request the https, while probably what i need is to change the document root when its https.
I can assume that if it got to the http with a forward to https - the connection is already secured.
