1

I have a rails app on 2 EC2 Instances running nginx behind an Amazon Elastic Load Balancer. I'd like to force HTTPS, which was working fine before I added in the Load Balancer. Now I can't quite figure out how to do it.

My load balancer has 2 listeners: 80 to 80 and 443 to 80 (with an ssl cert).

I tried adding the following rewrite rule to the nginx config, but it didn't seem to work:

if ($http_x_forwarded_proto != 'https') {
  rewrite ^(.*) https://$host$1 permanent;
}

Any help would be greatly appreciated!

Adam
  • 113
  • 3
  • 2
    You'll probably have an easier time if you forward 443 to 443. – ceejayoz Jan 09 '13 at 15:33
  • You know, I had already tried that and got an error. So I tried again and realized what I did incorrectly last time: I typed in port 443 but didn't actually select https from the "Instance Protocol" drop-down. This fixed it - thanks! – Adam Jan 09 '13 at 17:55

1 Answers1

0

we've been able to solve this doing the following:

Keep your ELB configured as stated (listening on boty 80 and 443, and forwarding traffic to instances on port 80)

Then in application_controller.rb do something similar to:

class ApplicationController < ActionController::Base
  force_ssl if: :ssl_required?

  # rest of your code here

  private
  def ssl_required?
    # If we came in through the load-balancer, this header will be present
    if request.headers['X-Forwarded-Proto'].present? && !request.ssl?
      return true
    end
    return false 
  end
end
Richard Luck
  • 101
  • 2