How to force https on amazon elastic beanstalk without failing the health check [duplicate] How to force https on amazon elastic beanstalk without failing the health check [duplicate] apache apache

How to force https on amazon elastic beanstalk without failing the health check [duplicate]


apache amazon-web-services mod-rewrite https amazon-elastic-beanstalk

There's multiple hostmananger URLs that Elastic Beanstalk needs to access besides the health check. Grepping /var/log/httpd/elasticbeanstalk-access_log, I see requests to /_hostmanager/tasks and /_hostmanager/healthcheck.

Here are the rules that I added to /etc/httpd/sites/elasticbeanstalk on my EC2 instances:

RewriteEngine OnRewriteCond %{HTTP:X-Forwarded-Proto} !httpsRewriteCond %{REQUEST_URI} !^/status$ RewriteCond %{REQUEST_URI} !^/version$ RewriteCond %{REQUEST_URI} !^/_hostmanager/ RewriteRule . https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

Note that I'm also allowing non-https traffic to my /status and /version pages. I'm actually using /status as the actual healthcheck lookup URL, so having that traffic skip the rewrite will avoid the redirect and make the status lookup faster (I'm assuming).

apache amazon-web-services mod-rewrite https amazon-elastic-beanstalk

I think that some of the other answers on here may not be based on whatever the arbitrary User-Agent AWS is currently setting. When I watch the Apache logs, I see this User-Agent:

ELB-HealthChecker/1.0

As of writing this, the following mod_rewrite rule is working for me:

RewriteEngine OnRewriteCond %{HTTP:X-Forwarded-Proto} !httpsRewriteCond %{HTTP_USER_AGENT} !^ELB-HealthChecker.* RewriteRule . https://%{SERVER_NAME}%{REQUEST_URI} [L,R]

apache amazon-web-services mod-rewrite https amazon-elastic-beanstalk

As of 2016, none of these answers works for me, but this worked:

1 Retrieve /etc/httpd/conf.d/wsgi.conf

2 Add the following to the virtual host: (Note that the third line prevents an issue where the setup script /opt/elasticbeanstalk/hooks/config.py waits 5 minutes failing to load the path /.)

RewriteEngine OnRewriteCond %{HTTP:X-Forwarded-Proto} !httpsRewriteCond %{HTTP_HOST} !localhostRewriteCond %{HTTP_USER_AGENT} !^ELB-HealthChecker.* RewriteRule . https://%{SERVER_NAME}%{REQUEST_URI} [L,R=301]

3 Put the file in your repository, and add the following container command:

06_https:  command: "cp wsgi.conf /opt/python/ondeck/wsgi.conf"

This file is then copied automatically by the setup script into /etc/httpd/conf.d.

Recent Posts
How can I color dots in a xy scatterplot according to column value?
How to update a claim in ASP.NET Identity?
What does {0} mean when initializing an object?
Accessing members of items in a JSONArray with Java
How to log SQL statements in Spring Boot?
Powershell Get-WebSite name parameter is ignored
How to detect scroll to bottom of html element
Java synchronized method
How to test controllers with CodeIgniter?
Detect Visual Composer
Matplotlib: Specify format of floats for tick labels
Rails join a list of strings with commas and "and" before the last