top of page
ELB.1
Application Load Balancer should be configured to redirect all HTTP requests to HTTPS
Severity
Cloud Platforms
Resources
Related Standards
Automated
MEDIUM
AWS
Elastic Load Balancing
AWS Foundational Best Practice, AWS Well-Architected, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,
This AWS control checks whether HTTP to HTTPS redirection is configured on all HTTP listeners of Application Load Balancers. The control will fail if one or more HTTP listeners of Application Load Balancers do not have HTTP to HTTPS redirection configured.
bottom of page