How to resolve Sprinto check to redirect traffic from http to https on AWS Application Load Balancer (ALB)

About

Sprinto check: AWS load balancer should redirect traffic from HTTP to HTTPS

The above Sprinto check starts failing if any of the integrated Application Load Balancer (ALB) has no listeners configured to redirect HTTP to HTTPS.

Purpose

Redirecting HTTP requests to HTTPS on an Application Load Balancer significantly enhances data security by ensuring all data transmitted between clients and the server is encrypted. This prevents unauthorized access and eavesdropping on sensitive information, such as login credentials and personal data. By enforcing HTTPS, you protect data integrity and confidentiality, ensuring secure communication and compliance with security standards and regulations.

Redirecting Requests from HTTP to HTTPS on Application Load Balancer

Follow the below procedure to redirect requests from HTTP to HTTPS protocol on ALB:

Before you begin

• Make sure that you have administrator privilege on AWS to configure ALB listeners.

Procedure

1. Log in to AWS Console using your credentials or using the available SSO options.

2. Navigate to the AWS EC2 service.

3. Click Load Balancers under the Load Balancing section from the left-side navigation bar.

4. Select the desired ALB you want to configure.

   
5. Create an HTTP Listener. Note: If you already have an HTTP listener created, ensure the below conditions are met.

   1. Select the Listeners tab, then click Add Listener.

   2. Select the Protocol as HTTP and the Port as 80.

   3. Select Redirect to URL under the Routing actions, then select HTTPS as protocol and Port as 443.

      
   4. Click Save to apply the changes.

6. Repeat the above steps for all ALBs on your AWS account.

Upon completing the above configuration Sprinto updates the checks status to “Passing.”

Please contact Sprinto Support if you have any queries related to the check or need any assistance.